How to – Use Azure AD Conditional Access to block user access by device platform (Dynamics 365)


Recently we were exploring Azure AD Conditional Access, through which we can define and enforce the organization’s policies regarding access to its resources.

Get more details here

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/overview

Here we will define a simple conditional access policy that blocks a user’s access to Common Data Service from Android, while allowing access from the other device platforms.

Log in to the Azure Admin Portal

https://portal.azure.com/

Before we can create a new policy, we need to turn off Security defaults.

Navigate to Azure Active Directory – Properties and click the Manage Security defaults link.

Set “Enable Security defaults” to No

Next, navigate to Security – Conditional Access.

Activate the Azure AD Premium trial required to configure conditional access.

Create a new policy.

  • For Users and Groups, we have specified the user “testuser1”. The other options available are guest, external users, directory roles and groups.

  • For Cloud apps or actions, we have selected Common Data Service

  • For Conditions, we have selected only Android as the Device Platform to which the policy should apply.

For Access Controls – Grant, we have selected Block Access.

Enable the policy and save.

Let us log in through the browser as testuser1 on Windows.

Now let us try the same from the Dynamics 365 mobile app from Android.

And the same experience from the browser on Android.

As expected, the user is not able to access Dynamics 365 from the Android device, while the same user can access it from the browser and the Dynamics 365 Tablet app on Windows, as shown below.

  • What if we update the device platform and select Windows as well?

As expected, the user can access neither the browser nor the app from Windows.

  • What if we want the user to be able to access it from the browser, and restrict access only from the mobile app and desktop client?

Update the policy and specify the below Client Apps condition for that:

“Modern authentication clients”

As expected, the user can access through the browser but not the app.

The same experience from within the Android phone.

From browser –

From the Dynamics 365 Mobile App –

Thus we saw how easy it is to get the policy defined and enforced using Azure AD Conditional Access.
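The three policy variants tested above can be written down and checked before touching the portal. The following is an added example, not part of the original post: it expresses the policy in the shape of a Microsoft Graph `conditionalAccessPolicy` body and runs a simplified local matcher over constructed sign-ins. The user and application IDs are placeholders, the matcher is a teaching model rather than Azure AD's evaluation engine, and "Modern authentication clients" is assumed to correspond to the Graph value `mobileAppsAndDesktopClients`.

```python
# Added example: simplified model of Conditional Access matching, not Azure AD's engine.
USER_ID = "<testuser1-object-id>"            # placeholder, not a real object ID
CDS_APP_ID = "<common-data-service-app-id>"  # placeholder, not a real app ID

def block_policy(platforms, client_app_types=("all",)):
    """Body in Microsoft Graph conditionalAccessPolicy shape, scoped as in the post."""
    return {
        "displayName": "Block Common Data Service by platform",  # constructed name
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": [USER_ID]},
            "applications": {"includeApplications": [CDS_APP_ID]},
            "platforms": {"includePlatforms": list(platforms)},
            "clientAppTypes": list(client_app_types),
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }

def is_blocked(policy, sign_in):
    """The block control applies only when every configured condition matches."""
    cond = policy["conditions"]
    def hit(configured, value):
        return "all" in configured or value in configured
    return (
        policy["state"] == "enabled"
        and sign_in["user"] in cond["users"]["includeUsers"]
        and sign_in["app"] in cond["applications"]["includeApplications"]
        and hit(cond["platforms"]["includePlatforms"], sign_in["platform"])
        and hit(cond["clientAppTypes"], sign_in["client"])
        and "block" in policy["grantControls"]["builtInControls"]
    )

# Constructed sign-ins mirroring the four tests in the post: (platform, client app type).
SIGN_INS = {
    "windows-browser": ("windows", "browser"),
    "windows-app": ("windows", "mobileAppsAndDesktopClients"),
    "android-browser": ("android", "browser"),
    "android-app": ("android", "mobileAppsAndDesktopClients"),
}

def access_matrix(policy, user=USER_ID):
    """Map each constructed sign-in to 'blocked' or 'allowed' for the given user."""
    return {
        name: "blocked" if is_blocked(policy, {"user": user, "app": CDS_APP_ID,
                                               "platform": p, "client": c}) else "allowed"
        for name, (p, c) in SIGN_INS.items()
    }

if __name__ == "__main__":
    print(access_matrix(block_policy(["android", "windows"], ["mobileAppsAndDesktopClients"])))
```

Azure AD derives the device platform from information the client supplies, such as the user agent string, so a platform condition is best treated as a convenience filter and not as a verified device check.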

Understand the best practices with regards to Conditional Access in Azure Active Directory

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/best-practices

Hope it helps..


Author: Nishant Rana

I love working in and sharing everything about Microsoft.NET technology !
