Home

Use Conditional Access to Restrict Microsoft Teams

%3CLINGO-SUB%20id%3D%22lingo-sub-102409%22%20slang%3D%22en-US%22%3EUse%20Conditional%20Access%20to%20Restrict%20Microsoft%20Teams%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-102409%22%20slang%3D%22en-US%22%3E%3CP%3EHell%20everyone.%20I%20wrote%20a%20new%20blog%20post%20about%20how%20to%20restrict%20access%20to%20Microsoft%20Teams%20using%20Azure%20AD%20Conditional%20Access.%20To%20me%2C%20this%20opens%20up%20a%20new%20world%20of%20possibilities%20and%20use%20cases%20with%20the%20product.%20Let%20me%20know%20your%20thoughts%2C%20feedback%2C%20input%20and%20comments%20and%20if%20you%20find%20this%20valuable%20or%20useful%20-%20or%20would%20like%20for%20me%20to%20expand.%20Thanks%20so%20much!%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Fskypehybridguy%2F2017%2F08%2F31%2Fmicrosoft-teams-restrict-usage-with-azure-ad-conditional-access%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Fskypehybridguy%2F2017%2F08%2F31%2Fmicrosoft-teams-restrict-usage-with-azure-ad-conditional-access%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-102409%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-103449%22%20slang%3D%22en-US%22%3ERe%3A%20Use%20Conditional%20Access%20to%20Restrict%20Microsoft%20Teams%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-103449%22%20slang%3D%22en-US%22%3E%3CP%3EI%20don't%20have%20an%20answer%20for%20the%20other%20question.%20Can%20you%20describe%20in%20more%20detail%20please%3F%20I'll%20look%20into%20labbing%20this%20up%20and%20writing%20a%20blog%20on%20it%20if%20it%20makes%20sense.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-103116%22%20slang%3D%22en-US%22%3ERe%3A%20Use%20Conditional%20Access%20to%20Restrict%20Microsoft%20Teams%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-103116%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%2C%20any%20idea's%20regarding%20the%20other%20question%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-102810%22%20slang%3D%22en-US%22%3ERe%3A%20Use%20Conditional%20Access%20to%20Restrict%20Microsoft%20Teams%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-102810%22%20slang%3D%22en-US%22%3E%3CP%3EGood%20question.%20As%20I%20mentioned%20in%20the%20blog%20post%2C%20once%20you%20go%20off%20network%20(roam%20from%20WiFi%20to%20cellular)%20you%20will%20still%20have%20access%20to%20the%20app%20for%20up%20to%20an%20hour%20until%20the%20next%20authentication%20refresh%20happens%2C%20at%20which%20point%20you%20will%20be%20challeged%20to%20authenticate%20and%20as%20Conditional%20Access%20kicks%20in%20-%20you'll%20be%20denied%20(see%20screenshots%20in%20blog%20post).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-102700%22%20slang%3D%22en-US%22%3ERe%3A%20Use%20Conditional%20Access%20to%20Restrict%20Microsoft%20Teams%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-102700%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Matt%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20will%20happen%20when%20a%20user%20roams%20from%20the%20wifi%20to%20cellular%3F%20The%20article%20is%20awesome%2C%20just%20received%20a%20question%20from%20a%20customer%20regarding%20this%20topic.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOther%20question%3A%20Is%20it%20possible%20to%20add%20users%2Fgroups%20from%20other%20tenants%20or%20do%20we%20need%20to%20configure%20B2BCollobaration%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ebest%20regards%2C%3C%2FP%3E%3CP%3EJurgen%20Hannink%3C%2FP%3E%3C%2FLINGO-BODY%3E
Matt Soseman
Microsoft

Hell everyone. I wrote a new blog post about how to restrict access to Microsoft Teams using Azure AD Conditional Access. To me, this opens up a new world of possibilities and use cases with the product. Let me know your thoughts, feedback, input and comments and if you find this valuable or useful - or would like for me to expand. Thanks so much! https://blogs.technet.microsoft.com/skypehybridguy/2017/08/31/microsoft-teams-restrict-usage-with-az...

4 Replies

Hi Matt,

 

What will happen when a user roams from the wifi to cellular? The article is awesome, just received a question from a customer regarding this topic.

 

Other question: Is it possible to add users/groups from other tenants or do we need to configure B2BCollobaration?

 

best regards,

Jurgen Hannink

Good question. As I mentioned in the blog post, once you go off network (roam from WiFi to cellular) you will still have access to the app for up to an hour until the next authentication refresh happens, at which point you will be challeged to authenticate and as Conditional Access kicks in - you'll be denied (see screenshots in blog post).

Thanks, any idea's regarding the other question?

I don't have an answer for the other question. Can you describe in more detail please? I'll look into labbing this up and writing a blog on it if it makes sense.

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies