cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Allow MS Teams via Conditional Access but block other O365 Services

shocko
Frequent Contributor

‎Aug 06 2021 05:42 PM - edited ‎Aug 27 2021 02:42 PM

‎Aug 06 2021 05:42 PM - edited ‎Aug 27 2021 02:42 PM

Allow MS Teams via Conditional Access but block other O365 Services

I have been asked to see if the following is possible:

 

  • Allow access to MS teams from anywhere for Voice/Video (we disable chat, file sharing via policy in the MS Teams admin portal)
  • Block access to Exchange Online, SharePoint Online, OneDrive etc. when accessed from outside our corporate IP range.

Conditional access would normally be the way to go as we have done this with things like 3rd party SAAS app but reading around service dependencies for the O365 service's here it seems that we cannot simply allow MS Teams only if we want teams to work and would need to allow Exchange Online. For example:

- I have a policy to block all SAAS applications integrated with AzureAD from remote access
- I have SAAS application I wish to allow to users off my corporate network so I add it as an exclusion to the policy

 

Now, is this application was MS teams, can I do this or would I need to make the Office 365 app available via conditional access ?


Am I correct in this thinking?

6,306 Views
0 Likes
5 Replies
Reply
5 Replies
adam deltinger

‎Aug 07 2021 12:59 AM

‎Aug 07 2021 12:59 AM

Re: Allow MS Teams via Conditional Access but block other O365 Services

You want to have it all open in some situations or always off? (EXO,OD etc)
0 Likes
Reply
ChristianJBergstrom

‎Aug 07 2021 01:16 AM

‎Aug 07 2021 01:16 AM

Re: Allow MS Teams via Conditional Access but block other O365 Services

@shocko Hi, not sure what you're asking either but Teams are depending on those services. With no EXO there's no scheduling, with no SharePoint/OneDrive there's no file sharing etc. You can read more detailed info here.

 

How SharePoint and OneDrive interact with Microsoft Teams - Microsoft Teams | Microsoft Docs

 

How Exchange and Microsoft Teams interact - Microsoft Teams | Microsoft Docs

0 Likes
Reply
adam deltinger

‎Aug 07 2021 01:48 AM

‎Aug 07 2021 01:48 AM

Re: Allow MS Teams via Conditional Access but block other O365 Services

Overall you can restrict usage like above but rather using licensing restrictions, policy settings and app policys
1 Like
Reply
shocko

‎Aug 27 2021 02:38 PM

‎Aug 27 2021 02:38 PM

Re: Allow MS Teams via Conditional Access but block other O365 Services

All our users will use MS teams at some level either on-prem or remote so restricting using licensing is not an option.
0 Likes
Reply
shocko

‎Aug 27 2021 02:39 PM

‎Aug 27 2021 02:39 PM

Re: Allow MS Teams via Conditional Access but block other O365 Services

Perhaps I explained poorly so I have updated the original description of the problem.
0 Likes
Reply