The Block All policy is intended to prevent all access to M365 by all protocols. Used under very rare circumstances such as when someone needs to be blocked from M365 without an EID lock.
Assignments
User or workload identities
- Included - user(s) requiring block
- Excluded - Global administrator directory role and Surface.Hub.Conditional.Access.Bypass.Group@austin.utexas.edu
Cloud apps or actions
- All cloud apps
Conditions
- Locations - none
- Client apps - all selected
Access controls
Grant
- Block access
Session
- 0 controls selected