RahamimL
Iron Contributor
May 04, 2022
Solved

Allow SSPR only from Azure Joined Windows Devices

Hi everyone,

We want to use SSPR only from specific devices. I'm not talking about registration.

The point is to use https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-windows and deny SSPR from devices by using conditional access.

Any ideas?

Rahamim.

3 Replies

  • rahuljindal
    Bronze Contributor

    Hi. You can enable the SSPR CSP policy and deploy it to a group containing only Azure AD devices.

    As for using CA to deny SSPR, what is the exact scenario?

    • RahamimL
      Iron Contributor
      I want to allow users to reset their password from their Azure joined computers only. Not from a smartphone or a non-Azure joined device.
      • rahuljindal
        Bronze Contributor
        Don't think this functionality exists at the moment. At best you can restrict registration to a known location using CA, but that's about it.
