This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ Log in to ask a question

Context-Aware Access for blocking older Operating Systems

mw_slocoe
New Contributor II

‎12-12-2025 07:19 AM

I have created a CAA rule for blocking older Windows and MacOS from logging into Google Apps. It is currently in Monitor Mode but it seems to block what I want to allow. Do I have it misconfigured or am I reading the log wrong?

Config....

2025-12-12 07_11_20-Greenshot.png

Log....

2025-12-12 07_16_31-Greenshot.png

0 Kudos
Reply
2 REPLIES 2

Scott
New Contributor II

‎12-15-2025 09:08 AM

We are not using OS rules for CAA so this is just a guess from me, but did you deploy the endpoint verification extension or helper to devices?  Also it looks like that rule is going to block mobile and Chromebook access for your accounts...which could be intended, but just in case 😀

Reply

Kim_Nilsson
Admin Moderator
In response to Scott

‎12-16-2025 02:01 AM

Yeah, the Endpoint Verification extension is necessary.

Other than that, the rules look OK, with the caveat that @Scott mentions. 🙂

This is what I have to block old versions of macOS. Sorry about the popor image quality. It wasn't possible to print the entire page to PDF, so I had to take a zoomed out screenshot, and then zoom in again in Paint. 🙂

CAA_Any_OS.png

Oh, I also found this interface, which isn't supposed to be available for Education. I still set them all to Warn. 🙂

https://admin.google.com/ac/context-aware/security-advisor

 

--
https://wheretofind.me/@NoSubstitute
Reply
  • © 2023 Google. All rights reserved.
  • Privacy Policy
  • Terms of Service
  • Community Guidelines