One feature that was requested for a really long time by many of my customers was the ability to control access to portal.office.com. Until now this was a big miss since users could open this portal regardless of your conditional access policies created for your other Office 365 services. Off course the services accessible via […]READ MORE
Office 365 Portal, and more now controllable by Azure AD Conditional Access
Back in October I wrote a blog about Conditional Access, Exchange Online and session controls. With Conditional Access in Azure AD you are able to “make” Outlook on the web (aka OWA) selectively read only or block access to attachments. In this video we will look unrestricted access to Outlook on the Web, Read Only […]READ MORE
Session controls in Conditional Access now also controlling Exchange Online
I have had and still have customers that want to restrict access via Outlook Web App (OWA) to Exchange Online. For instance, they want to block download of attachments when users access their mailbox via OWA. Until recently this could be done via the OWA Mailbox Policy in Exchange (Online), by setting the DirectFileAccessOnPublicComputersEnabled and […]READ MORE
Global- , Exchange-, SharePoint-, Conditional Access Admins -> action required!
Yesterday I was triggered by a colleague of mine that administrators of services in Azure or Office 365 are automatically required to login via Multi-Factor Authentication (MFA) when accessing the service in the future. When logging in to one of my tenants indeed a new conditional access policy listed in the conditional access blade of […]READ MORE
New in Intune location-based device compliance for Android
Released this week in Intune is location-based compliance. In other words, based on your location your device is marked as compliant or not, based on the location you get access to services in Azure or Office 365 or not. A location can be based on the following IPv4 variables; IPv4 Range (eg. 192.168.1.0/24) IPv4 Gateway […]READ MORE
Tune your Microsoft Intune device compliance behavior
Last year Microsoft was planning to mark devices that were not evaluated by a compliance policy as non-compliant. The default behavior is that if a device is not evaluated by a compliance policy that it is being marked as compliant and therefor the user has access to services controlled by Conditional Access in Azure AD, […]READ MORE
Intune Company Portal for Macos in preview
Microsoft released almost two weeks ago Conditional Access for Macos operating systems as part of Azure AD, which allows you to control that you only allow access from devices that are managed by Microsoft Intune and that are compliant. At the same time Microsoft released the preview of the Company Portal for the same device […]READ MORE
Action required: Check your Conditional Access policies!
Due to an incident (IT85607) while moving the Conditional Access policies from “Preview phase” to “general availability” in Azure Active Directory, the Conditional Access policies in Microsoft Intune might be disabled. Since the two are basically the same you need to check your Conditional Access policies are still configured correctly.READ MORE
More Android Compliance rules arrived in Intune
In one of my tenants the new compliance rules for Android arrived last night. So as from now we are able to block users to access corporate data that have Android devices that have enabled USB Debugging, enabled the installation of apps from Unknown Sources and when users have disabled the option “Scan device for […]READ MORE
How to force the usage of Managed Browser via AD FS
After the last blog about conditional access of Outlook Web App and SharePoint Online is forcing that the Managed Browser is used when accessing the service. This last part can be done via Active Directory Federation Service (AD FS). With AD FS you are able to allow or block access based on attributes of the […]READ MORE
Conditional Access for OWA and SharePoint web access arrive to Intune
The last couple of weeks I had the privilege to test a feature that has just has been announced today to be released to Microsoft Intune . Conditional access to Outlook Web App and SharePoint Online web access for mobile devices. (CA for web services like OWA and SharePoint for Windows (mobile and PC) is coming […]READ MORE
Subscribe to my YouTube channel!
About Peter Daalmans
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security