SOLVED

What are different ways on restricting only domain joined endpoint can access Office365? Thank you!

%3CLINGO-SUB%20id%3D%22lingo-sub-1223739%22%20slang%3D%22en-US%22%3EWhat%20are%20different%20ways%20on%20restricting%20only%20domain%20joined%20endpoint%20can%20access%20Office365%3F%20Thank%20you!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1223739%22%20slang%3D%22en-US%22%3E%3CP%3EWhat%20are%20different%20ways%20on%20restricting%20only%20domain%20joined%20endpoint%20can%20access%20O365%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20use%20case%20where%20the%20customer%20only%20wants%20their%20domain%20joined%20machine%20and%20mobile%20devices%20to%20allow%20to%20access%20Office365%20resources%2C%20either%20the%20user%20is%20remote%20or%20on-site.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20in%20advance!%3C%2FP%3E%3CP%3ECloudCrazy%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1223739%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Application%20Management%20(MAM)%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1223947%22%20slang%3D%22en-US%22%3ERe%3A%20What%20are%20different%20ways%20on%20restricting%20only%20domain%20joined%20endpoint%20can%20access%20Office365%3F%20Thank%20y%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1223947%22%20slang%3D%22en-US%22%3EHi%20CloudCrazy%3CBR%20%2F%3E%3CBR%20%2F%3EYou%20need%20to%20check%20Conditional%20access%20for%20this%20scenario.%3CBR%20%2F%3E%3CBR%20%2F%3EYou%20also%20need%20to%20make%20sure%20that%20the%20pcs%20are%20hybrid%20joined%20and%20Compliant%20in%20Intune%2C%20so%20it%20will%20identify%20that%20the%20pc%20is%20domain%20joined%20and%20accessing%20from%20remote%20location.%3CBR%20%2F%3ECheck%20below%2C%20you%20may%20need%20change%20to%20%E2%80%98Block%E2%80%99%20for%20your%20scenario!%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fcloudbymoe.com%2Ff%2Fblock-downloads-for-sharepoint-files-from-non-compliant-devices%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcloudbymoe.com%2Ff%2Fblock-downloads-for-sharepoint-files-from-non-compliant-devices%3C%2FA%3E%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

What are different ways on restricting only domain joined endpoint can access O365? 

 

I have a use case where the customer only wants their domain joined machine and mobile devices to allow to access Office365 resources, either the user is remote or on-site.  

 

Thank you in advance!

CloudCrazy

1 Reply
Highlighted
Best Response confirmed by Nick Hogarth (MVP)
Solution
Hi CloudCrazy

You need to check Conditional access for this scenario.

You also need to make sure that the pcs are hybrid joined and Compliant in Intune, so it will identify that the pc is domain joined and accessing from remote location.
Check below, you may need change to ‘Block’ for your scenario!

https://cloudbymoe.com/f/block-downloads-for-sharepoint-files-from-non-compliant-devices