This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 55.00000000000001%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Greetings,
I'm afraid that this one can't be blocked by design, but I will ask anyway. Is there a way to block login attempt from Microsoft Azure PowerShell? We are constantly probed from all around the world, and I can't see to figure out how to block this. We are blocking all unused apps via Conditional Access Rules, plus there is a geolocation filter, but it kicks in only after successful authentication.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
You might consider trying the approach described in
https://call4cloud.nl/2020/11/the-conditional-access-experiment/
hth
Marcin
Thanks, Marcin. I already block all apps, except for o365, but here is the problem: Conditional Access policies are always applied after successful authentication, regardless of the protocol, so you can be probed for password again and again without being blocked. Our users only need email access, but o365 come with these endless ways to auth, which are a huge security risk by design.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
I understand that you want to know way to block "Microsoft Azure PowerShell" for all users.
You can use conditional access policy or script to block Microsoft Azure PowerShell for all users in Entra. I noticed that you have already tried the conditional access policy.
Please follow the steps which mentioned in this document: Blocking Powershell
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer And, if you have any further query do let us know.