Sep 17 2018 08:23 AM
Hi,
I have been watching the Microsoft Cloud App Security deep dive: Learn how to deploy and manage - BRK3008 session from Ignite last year and the presenter says that you can unsanction subdomains in SharePoint. I have this requirement and wondered if anyone could advise me on how to achieve this as I only want to allow access to the corporate SharePoint online and not any other tenants. I can see in my discovered apps that I have two subdomains but there is not option (three dots) to unsanction one of them. Also, because SharePoint is a connected app it has automatically sanctioned it and there doesn't seem to be a way of unsanctioning the SharePoint online tenant I want to restrict.
Thanks,
Stuart
Sep 20 2018 01:00 AM
Hi Stuart,
Cloud Discovery currently allows you to mark cloud apps as unsanctioned while per your question it is not supported for specific sub-domains.
Could you please provide some more details on your scenario? Are you looking for marking these Sharepoint instances as unsanctioned in MCAS portal or are there additional use cases?
Thanks,
Danny.
Sep 20 2018 05:43 AM
Hi Danny,
My scenario is that we have a corporate SharePoint Online domain that I want my users to be able to use, so I want this sanctioned. I then see that there are a couple of other subdomains which I believe are being accessed by other people in the organisation. I don't want these sanctioned.
If I create a blocking script it seems that I have to sanction SharePoint Online domains, which is what I'm trying to avoid.
Kind regards,
Stuart
Sep 20 2018 07:29 AM
SolutionSep 20 2018 07:29 AM
Solution