Forum Discussion
Restrict email access to Exchange Online
Conditional access is not only tied to devices, you can have criteria such as location (IP range). Incidentaly, they just added this blade in the new Azure portal so you can see fresh screenshots here: https://blogs.technet.microsoft.com/enterprisemobility/2016/12/15/conditional-access-now-in-the-new-azure-portal/
Thanks VasilMichev Was playing with that new options yesterday. It does block OWA and the Win10 build-in mail app, but does not block Outlook. Maybe I`ve done something wrong in my setup, but I`ve not been able to block Outlook on non-managed (not domain joined) Windows devices yet.
I have enabled modern authentication for Exchange Online.
It now shows me a message access is blocked when I try to connect using Outlook, but is does that on a domain joined device as well. So I have no access to Exchange Online anymore with my test users.Try using an IP range, the "device is domain joined" requires device registration if I remember correctly.
Is says "This does not include Azure AD join".
When I use a trusted IP, it allows me to connect, but when using a laptop outside of the internal network it will block access and that is something we don`t want.
