Intune - Admin Network Restrictions

Copper Contributor

Hi, I'm fairly new to Intune and was hoping someone could point me in the right direction on this.

 

 

I am trying to create a policy that blocks all outgoing/incoming access (internet/email/RDP) when users are on an admin or priviliged account instead of their normal O365 account.

 

I have searched through and found plenty on blocking websites based on groups that the computers belong. However I havent seen anything on blocking based on profile type.  Any help in this regard is appreciated!

2 Replies
You could put those accounts into a new group "O365Admin Accounts" and then use Conditional Access to block some of those apps, see https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access.
Instead of blocking, you may want consider enforcing MFA for those accounts.

Dean,

 

Thanks for the response! When I say admin accounts I'm talking about local admin accounts on the users local laptop. Does your comment still apply?