Office modern authentication (ADAL) in an O365 tenant (OAuth2ClientProfileEnabled: True) renders the ADFS authorization rule "Block all external access to Office 365 except Browser-based apps" ineffective.
Block all external access to Office 365 except Browser-based apps | Implement conditional policies in Office 365/Azure AD to block “Rich Client” traffic (allow on ADFS). | This scenario is not yet supported for public preview and we recommend organizations that rely on this scenario to not onboard their tenants for modern authentication. |
If scenario #3 applies to you, and you enable modern authentication on your tenant, rich clients (Outlook and other Office apps) will be able to bypass your client access filtering policies in ADFS and access resources like Exchange Online and SharePoint Online.
Enabling ADAL: HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL – REG_DWORD – 1
Disabling ADAL: HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL – REG_DWORD – 0
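
An audit sketch for the combination described above, added here as an example and not part of the original note: it reads the client's EnableADAL value and the tenant's OAuth2ClientProfileEnabled setting and reports whether the ADFS rule can be bypassed from this client. The function names are hypothetical, the tenant check assumes an already connected Exchange Online PowerShell session, and treating an absent EnableADAL value as "not enabled" is an assumption of this example.

```powershell
# Added example; function names are hypothetical, not from the original note.
$IdentityKey = 'HKCU:\SOFTWARE\Microsoft\Office\15.0\Common\Identity'

function Get-OfficeAdalState {
    # Reads EnableADAL for the current user: 'Enabled', 'Disabled' or 'NotSet'.
    param([string]$Path = $IdentityKey)
    $prop = Get-ItemProperty -Path $Path -Name 'EnableADAL' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 'NotSet' }
    if ([int]$prop.EnableADAL -eq 1) { return 'Enabled' }
    return 'Disabled'
}

function Get-TenantModernAuthState {
    # Assumes a connected Exchange Online session; returns $null when the cmdlet is unavailable.
    if (-not (Get-Command Get-OrganizationConfig -ErrorAction SilentlyContinue)) { return $null }
    return [bool](Get-OrganizationConfig).OAuth2ClientProfileEnabled
}

function Get-AdfsRuleExposure {
    # Combines both settings into one finding for the "Block all external access
    # to Office 365 except Browser-based apps" rule.
    param($TenantModernAuth, [string]$ClientAdal)
    $finding = if ($null -eq $TenantModernAuth) {
        'Unknown: tenant setting could not be read'
    } elseif ($TenantModernAuth -and $ClientAdal -eq 'Enabled') {
        'Exposed: rich clients on this machine can bypass the ADFS client access rule'
    } elseif ($TenantModernAuth) {
        'Tenant has modern authentication on; EnableADAL is not 1 for this user'
    } else {
        'Tenant modern authentication is off'
    }
    [pscustomobject]@{
        OAuth2ClientProfileEnabled = $TenantModernAuth
        EnableADAL                 = $ClientAdal
        Finding                    = $finding
    }
}

Get-AdfsRuleExposure -TenantModernAuth (Get-TenantModernAuthState) -ClientAdal (Get-OfficeAdalState)
```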