You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CloudAppSecurityDocs/caac-known-issues.md
+13-14Lines changed: 13 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -119,27 +119,26 @@ When a session policy is enforced using Edge in-browser protection and the user
119
119
120
120
Example Scenario:
121
121
122
-
A user was originally assigned a CA policy for the Salesforce application, along with an Defender for Cloud apps session policy that blocked file downloads. As a result, downloads were blocked when the user accessed Salesforce in Edge.
122
+
A user was originally assigned a CA policy for Salesforce along with a Defender for Cloud Apps session policy to block file downloads. As a result, downloads were blocked when the user accessed Salesforce in Edge.
123
123
124
124
Although the admin later removed the CA policy, the user still experiences the download block in Edge due to cached policy data.
125
125
126
126
Mitigation Options:
127
127
128
128
Option 1: Automatic cleanup
129
-
1. Reassign the user/app to the CA policy.
130
-
2.Remove the corresponding Defender for Cloud Apps session policy.
131
-
3. Have the user access the application using Edge, this will trigger the policy removal automatically.
132
-
4.Remove the CA policy again.
129
+
1. Add the user/app back into the scope of the CA policy.
130
+
2.Remove the corresponding Defender for Cloud Apps session policy.
131
+
3. Wait for users to access the application using Edge. This will automatically trigger the policy removal.
132
+
4.Remove the user/app from the scope of the CA policy.
133
133
134
-
Option 2: Manual cleanup
135
-
1. Delete the cached policy file
136
-
- Go to: C:\Users\<username>\AppData\Local\Microsoft\Edge\
137
-
- Delete the file: mda_store.txt
138
-
139
-
2. Remove the work profile in Edge
140
-
- Open Microsoft Edge.
141
-
- Navigate to Profile Settings.
142
-
- Delete the work profile associated with the outdated session policy.
134
+
Option 2: Delete the cached policy file (Manual cleanup)
135
+
1. Go to: C:\Users\<username>\AppData\Local\Microsoft\Edge\
136
+
2. Delete the file: mda_store.txt
137
+
138
+
Option 3: Remove the work profile in Edge (Manual cleanup)
139
+
1. Open Edge.
140
+
2. Navigate to Profile Settings.
141
+
3. Delete the work profile associated with the outdated session policy.
143
142
144
143
These steps will force a policy refresh and resolve enforcement issues related to outdated session policies.
0 commit comments