How to – Use Azure AD Conditional Access to block user access by device platform (Dynamics 365)


Recently we were exploring Azure AD Conditional Access, through which we can define and enforce the organization’s policies regarding access to its resources.

Get more details here

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/overview

Here we will define a simple conditional access policy through which we are restricting a user’s access to Common Data Service through Android OS, but allowing the same through the other device platforms.

Login to Azure Admin Portal

https://portal.azure.com/

Before we can specify a new policy, we need to disable the Enable Security defaults.

Navigate to Azure Active Directory – Properties and click on Manage Security defaults link

Set “Enable Security defaults” to No

Next, Navigate to Security – Conditional Access

Activate the Azure AD Premium trial required to configure conditional access.

Create a new policy.

  • For Users and Groups, we have specified the user “testuser1“. The other options available are guest, external users, directory roles and groups.

  • For Cloud apps or actions, we have selected Common Data Service

  • For Conditions, we have selected only Android as the Device Platform to which the policy should apply.

For Access Controls – Grant we have selected Block Access.

Enable the policy and save.

Let us login through the browser with the testuser1 in windows

Now let us try the same from the Dynamics 365 mobile app from Android.

And the same experience from browser within the Android.

As expected the users is not able to access Dynamics 365 from Android device, and the same user can access from the browser and Dynamics 365 Tablet app from Windows as shown below.

  • What if we update the device platform and select Windows as well?

As expected, the user is not able to access both the browser as well as the app from the windows.

  • What if we want the user to access it from the browser and only restrict it from a mobile app and desktop client?

Update the policy and specify the below Client Apps condition for that

“Modern authentication clients”

As expected, the user can access through the browser but not the app.

The same experience from within the Android phone.

From browser –

From the Dynamics 365 Mobile App –

Thus we saw how easy it is to get the policy defined and enforced using Azure AD Conditional Access.

Understand the best practices with regards to Conditional Access in Azure Active Directory

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/best-practices

Hope it helps..

Advertisements

Author: Nishant Rana

I love working in and sharing everything about Microsoft.NET technology !

7 thoughts on “How to – Use Azure AD Conditional Access to block user access by device platform (Dynamics 365)”

Please share your thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

The CRM Ninja

Thoughts & musings from a Dynamics 365 Ninja!

CRM for You and Me

Customer Relationship Mgt App for the Professional

D CRM Explorer

Learn about Microsoft Dynamics CRM Power Platform customization and implementation and other cool stuffs

Stroke // Jonas Rapp

I know pre-stroke. I will improve who I was.

Power Melange

Power Melange By Shalinee

Clavin's Blog

Power Automate - Power Apps - SharePoint Online - Azure - Nintex - K2 - Artificial Intelligence

Sat Sangha Salon

An Inquiry in Being

The Indoencers

The Influencers & Influences of Indian Music

Monika Halan's blog

Hand's-free money management

D365 Demystified

A closer look at Microsoft Dynamics 365.

Microsoft Mate (msftmate) - Andrew Rogers

Experienced consultant primarily focused on Microsoft Dynamics 365 and the Power Platform

Knowhere365

Specific topics by Django Lohn on the whole Microsoft365 Stack

Manmit Rahevar's Blog

One Stop Destination for Microsoft Technology Solutions

MG

Naturally Curious

Brian Illand

Power Platform and Dynamics 365

Steve Mordue MVP

A Microsoft Business Applications MVP

Subwoofer 101

Bass defines your home theater

SQLTwins by Nakul Vachhrajani

SQL Server tips and experiences dedicated to my twin daughters.

Everything D365

Discovering Azure DevOps and D365 Business Applications

Tech Wizard

Lets do IT Spells

Two Bite Tips

Valuable Tips To Grow Your Business

XRM Tricks (Power Platform & Dynamics CRM )

Power Platform & Dynamics CRM

CRM TIPS BY PRM

Mail to crmtipsbyprm@gmail.com for queries and suggestions

nijos.dev

Giving back to the community what I have learned

xrm CRM Dynamics

Dynamics CRM Technical & Functional Info

Dynamics 365 Blogs - Explained in unique way

Sometimes you need to look at things from different perspective.

CRM Keeper

Dynamics 365 Customer Engagement, CRM, Microsoft CRM, Dynamics CRM

EVOLVED365

Step into the world of a Dynamics 365 Consultant

Dianamics PCF Lady

Diana & Dynamics 365 & Power Platform

Sara Lagerquist

No Code Customization Concepts

innovativeaj

developer, designer, writer, fun loving, patriotic, humble and a sweet person inside out :) love and respect people who have a great sense of humor.

Temmy Wahyu Raharjo

Dreaming to be a clean coder and TDD minded programmer.

Transform 365

We blog about problems we face and code we write to help others

%d bloggers like this: