Use Azure AD Conditional Access to block access by country (Dynamics 365)


In the previous post, we covered conditional access based on the device platform, here we’d look into how we can use the network location to block the access.

We can either use IP ranges or Countries / Regions for defining the location.

Login into the Azure Portal

https://portal.azure.com/

Navigate to Azure Active Directory – Security – Named locations to define the location.


Here we are adding a new countries location record.


For the new location, we have selected India and UAE.


Next click on Conditional Access to define a new policy.


For Users and groups, we have selected a user named testuser1.


For Cloud Apps or actions, we have selected Common Data Service.


For Conditions, we have specified Locations condition with the Restricted Locations record that we had created earlier.


For Access Controls, we have selected Block access.


Enable and create the policy.


Before the policy was enabled, test user1 was able to access Dynamics 365.


After enabling the policy if we try accessing Dynamics 365 from either UAE or India location, we’d get the below message.


Same for the Dynamics 365 for Phones app.


Test user 3 to which policy doesn’t apply can still access Dynamics 365.


Hope it helps..

Author: Nishant Rana

I love working in and sharing everything about Microsoft.NET technology !

7 thoughts on “Use Azure AD Conditional Access to block access by country (Dynamics 365)”

Leave a Reply to Phani Rajasekhar Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.