dilanmic
Oct 07, 2022

Control the Application behavior within the organization network

Hi All, one of my clients has the below concerns and wanted to know whether these would be possible scenarios. 1) Can we block users from accessing Shared drive and RDP within Organizatio...
  • Jonhed
    Oct 09, 2022
    Could you elaborate on what the goals are?

    1) Where are these shared drives and servers? Are they managed by the company?
    Conditional access only works on applications and resources that use Azure AD. Resources can be both on-premise and in the cloud, but this does not work with regular file servers and RDP access.
    This would normally be managed via firewalls and local/domain authentication.
    If you want to block RDP to resources outside of the company network, I would block 3389 in the firewall.
    If you want to block access to shared drives such as Box or Dropbox, I would block this with a proxy or firewall.

    2) You can extend conditional access to on-premises applications by using Azure AD Application Proxy.
    https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy
