May 09 2022 02:53 AM
Hallo zusammen,
gibt es in der Endpoint-Verwaltung die Möglichkeit, dass sich Mitarbeiter z.B. nur zwischen 8:00 Uhr bis 19:00 Uhr am PC anmelden können? Danach sollen sie automaisch abgemeldet werden.
On-Prem wären das die Anmeldezeiten. Bei Intune / Endpoint hab ich es leider nicht gefunden.
Gruß
robse
May 09 2022 03:49 AM
May 09 2022 05:28 AM
May 09 2022 08:09 AM
May 09 2022 12:39 PM
Hi Martin,
thank you for the information. Than i have to find another solution. 😞
Regards,
Robert
May 09 2022 10:39 PM
hi @Robse030 ,
what you can try as a solution (not officially supported by Microsoft) is to disable the computer object in azure ad . So the users are not allowed to logon anymore.
you can create a logic app which disable and enable all your computer object at a specific time.
I don’t know if this is working but maybe it is a solution.
kind regards,
rene
May 10 2022 05:59 AM - edited May 10 2022 06:03 AM
@Mr_Helaas very creative! You've pointed me into another (perhaps not supported) direction. I'm wondering if "Deny Local Log On" could work in this scenario.
@Robse030 you'll have to test this in your dev tenant:
This would effectively block all (standard) users from login-on to your Windows device locally.
As with @Mr_Helaas solution, you'll also need to have another policy that removes Users from "Deny Local Log On" and automate this process.
Have a look at Policy CSP - UserRights - Windows Client Management | Microsoft Docs
That being said, I'm not sure if I'm crossing the line here with (sort of) unsupported solutions... but I tricked myself into thinking outside the box...