Onboard a Intranet website with Session controls

%3CLINGO-SUB%20id%3D%22lingo-sub-1884864%22%20slang%3D%22en-US%22%3EOnboard%20a%20Intranet%20website%20with%20Session%20controls%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1884864%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20Team%2C%20Customer%20would%20like%20to%20give%20a%20read%20only%20experience%20users%20who%20are%20accessing%20intranet%20website%20(%3CA%20href%3D%22https%3A%2F%2Fcontosoinranet%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcontosoinranet%2F%3C%2FA%3E)%20on%20non-trusted%20PCs%20(Non%20Hybrid%20Join%20PCs).%20All%20users%20are%20having%20Azure%20Active%20Directory%20P1%20license%20assigned.%20Is%20there%20any%20resource%20you%20can%20guide%20me%20to%20achieve%20this%20%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1884864%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1885832%22%20slang%3D%22en-US%22%3ERe%3A%20Onboard%20a%20Intranet%20website%20with%20Session%20controls%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1885832%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F462639%22%20target%3D%22_blank%22%3E%40Suneshes%3C%2FA%3E%26nbsp%3BI%20am%20assuming%20your%20intranet%20is%20based%20on%20SharePoint.%20If%20so%2C%20please%20check%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fcontrol-access-from-unmanaged-devices%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fcontrol-access-from-unmanaged-devices%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

Hello Team, Customer would like to give a read only experience users who are accessing intranet website (https://contosoinranet/) on non-trusted PCs (Non Hybrid Join PCs). All users are having Azure Active Directory P1 license assigned. Is there any resource you can guide me to achieve this ? 

2 Replies

@Suneshes I am assuming your intranet is based on SharePoint. If so, please check https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices

It the intranet is on an on-premises system,
1. Use Azure AD App Proxy to provide access to the website
2. Create a Conditional Access Policy to evaluate the device and configure the session control