Forum Discussion
Exclude Teams from conditional access
Well Teams uses SPO at the backend, so are you OK with blocking access to any files-related functionality? And how exactly do you envision preventing external access, do you mean blocking Guest users or?
Yes, i know that. So is there a way to do this?
The idea was, when employees are not in the internal office network, they cannot use SharePoint & OneDrive but can use Teams for communication.
For that scenario, I would recommend simply adding IP restriction in the SPO/ODFB admin portal.
VasilMichev In my case, I have a specific group that will have access to Teams externally, but even creating the specific exclusion for it, it is being blocked. I saw that Sharepoint Online and Exhange Online also affect Teams, however the off-line release for this group is only for Teams and not the other applications. I have a case that looks like this:
https://answers.microsoft.com/en-us/msoffice/forum/all/microsoft-teams-and-conditional-access/6c36e213-9386-41a1-a076-7c325a4e82a2
Is there a method to solve this problem?
External access to other cloud applications can be restricted through conditional access policies, yes, but at the expense of the related functionality being restricted in the Teams client for external users.
Without external Exchange access the user will have no channel or private chat functionality.
Without OneDrive for Business access, the user will not be able to privately share any files.
Without SharePoint Online access, the user will not be able to access Teams and channel files.
Another consideration is that if 2FA is enabled for SharePoint, OneDrive, or Exchange, then it should be enabled for Teams also, otherwise the corresponding functionality will be restricted.
