cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Only allow certain groups to log into machines - Intune

Callum_W
Copper Contributor

‎May 05 2023 01:44 AM

‎May 05 2023 01:44 AM

Only allow certain groups to log into machines - Intune

Hello, First time poster here.

I was looking to see how (Using Intune) we could restrict interactive login of certain devices to members of groups in Azure AD. 

The requirement is because we keep getting Staff in schools logging into Student laptops/devices in an attempt to work, which breaks a whole host of different lockdown settings. In a perfect world Staff would just use their Staff devices & not log into students!

I know it is possible through Intune to restrict it at a user level (Restrict which users can logon into a Windows 10 device with Microsoft Intune | Peter Klapwijk - In ... ) 

But has anyone had any experience or success with Azure AD groups? if so, how? Maybe I'm looking in the wrong place and instead need to set a Conditional Access policy? any guidance is appreciated!

 

Thanks,

Labels:
2,757 Views
0 Likes
3 Replies
Reply
3 Replies
rubelr

‎Oct 19 2023 04:59 AM

‎Oct 19 2023 04:59 AM

Re: Only allow certain groups to log into machines - Intune

Hello, found any solution or workaround?
I am in exact same situation as you now.
0 Likes
Reply
Callum_W

‎Oct 19 2023 07:33 AM

‎Oct 19 2023 07:33 AM

Re: Only allow certain groups to log into machines - Intune

@rubelr Sadly not. In my case where the client was a school that worked with vulnerable YP's, we ended up going down the route of labelling it as a safeguarding risk if teachers were to log into the devices that were assigned for student use.

Obviously that might not be helpful if you're trying to restrict it for different reasons or settings..! Maybe Microsoft will dish out the capability some day.

0 Likes
Reply
Sebastian Cerazy

‎Feb 16 2024 07:17 AM

‎Feb 16 2024 07:17 AM

Re: Only allow certain groups to log into machines - Intune

Surely that is not too much to ask? The authentication happens in AAD & if the user is member of forbidden group it should give an error message & deny login!
0 Likes
Reply