In this demo, we're going to take a look at backing up and restoring conditional access policies. So first, let's take a look at the conditional access policy we created. In Azure Active Directory Admin Center, click onto Azure Active Directory, click on Security, and then select conditional access. We have created one conditional access policy called 0365MFA, which requires a user to provide multi-factor authentication when using any cloud app.
Let's make sure our policy is working correctly. We will log in to Office 365 with our user as S. Smith to verify that the user is being asked for secondary credentials. Looks like our policy is working correctly. Back at the Quest On Demand portal, we need to configure a couple items. So first of all, we need to make sure our backups are scheduled. So if we enable the schedule we create a backup every one hour automatically.
We also need to set a retention time. In our case it is one year. And we need to make sure that we select the option to back up MFA settings and conditional access policy.
Even though a backup is being created every hour, you also have the option to create a backup manually. In the tasks pane you can see the progress of the backup. You can click on that link, and it'll take you to a page looking at the details of that particular task. Now let's go back to the Azure admin portal and delete the 0365MFA policy that we created.
We can now try to log in as S. Smith to see if the user is prompted for multi-factor authentication. And as you can see, they are not. In order to restore the policy we need to unpack one of the backups.
So from the On Demand portal we will select unpack backup. I'll select the latest backup. And also be sure to check the option to unpack conditional access policies.
The status of the task can be seen in the task pane. You can click on the link to get more details about this particular task. Once the unpacking process has completed, we can go to the dashboard. We can see there were 327 objects in the backup that were unpacked. We can also see that there are two differences: one changed object and one hard-deleted object.
On the differences page, we can see a comparison of the online backup to what is currently in Active Directory. And here we have our 0365MFA policy that was deleted. In order to restore this, we select it and we click Restore.
We can now click View Details to look at the details of the task. And the task is completed, which means the conditional access policy has been restored. If we return to the Azure Active Directory admin portal and refresh the screen, we can see that our 0365MFA policy has been restored.
So let's verify everything has been restored successfully. We will log in as S. Smith and make sure that our 0365MFA policy is in effect. And as we can see, he's being prompted to enter the code. For more information on Quest On Demand, go to Quest.com/on-demand.