屏蔽不使用新式验证 (ADAL) 的应用Block apps that do not use modern authentication (ADAL)

适用于:经典控制台中的 IntuneApplies to: Intune in the classic console
正在查找有关 Azure 中的 Intune 的文档?Looking for documentation about Intune on Azure? 请转到此处Go here.

使用应用保护策略且基于应用的条件访问依赖使用现代验证(即实现 OAuth2)的应用。App-based conditional access with app protection policies rely on applications using modern authentication which is an implementation of OAuth2. 虽然目前大部分 Office 移动和桌面应用都使用新式验证,但也有第三方应用和旧版 Office 应用使用其他验证方法(如基本身份验证和基于表单的身份验证)。Most current Office mobile and desktop applications use modern authentication, however there are third-party apps and older Office apps that user other authentication methods like basic authentication and forms based authentication.

若要阻止向这些应用授予访问权限,我们建议执行以下操作:To block access to these apps we recommend the following:

 Set-SPOTenant -LegacyAuthProtocolsEnabled $false
重要

基于应用的 CA 不得与基于 Azure Active Directory (Azure AD) 证书的身份验证结合使用。App-based CA must not be used with Azure Active Directory (Azure AD) certificate based authentication. 一次只能配置其中一种。You can only have one of these configured at a time.

另请参阅See also

仅允许 Intune 支持的应用访问 O365 服务Allow only apps supported by Intune to access O365 services

要提交产品反馈,请访问 Intune Feedback