MS Teams policies based on device

Copper Contributor

Thanks in advance all,  

 

Is it possible to have different Teams policies assigned to users based on the device they are using. 

 

For example - when using a laptop users would have access to all Teams functionality like chat, video calls, teams to teams calls & external PTSN calls. 

However, when a user uses a specific desktop they have policies assigned that will only let them make phone calls. 

 

In other words limit the Teams experience on specific devices. 

 

The MS account is the same for both machines & users would move between the devices relatively frequently. 

3 Replies
Afaik no, sorry. Policies are per user, regardless of the device used.
Yes, it is possible to assign different Teams policies to users based on the device they are using. Microsoft Teams offers a feature called "Device-based access policies" that allows administrators to control and customize the Teams experience for specific devices.

With device-based access policies, you can define different policies for different devices and assign them to specific users or user groups. These policies can be configured to enable or restrict specific functionality within Teams, such as chat, video calls, Teams-to-Teams calls, and external PSTN calls.

In your example, you can create two different policies: one policy that allows full functionality (chat, video calls, Teams-to-Teams calls, and external PSTN calls) for users using laptops, and another policy that limits functionality to only phone calls for users using a specific desktop. Then, based on the device a user is using, you can assign the corresponding policy to their Teams account.

To set up device-based access policies, you will need to use PowerShell and the Teams PowerShell module. Here's a general overview of the steps involved:

Install and set up the Teams PowerShell module on your administrative machine.
Connect to the Microsoft Teams service using PowerShell.
Use the appropriate PowerShell cmdlets to create the different policies with the desired settings for each device type.
Assign the policies to the corresponding users or user groups based on the device they are using.
It's worth noting that device-based access policies require careful planning and consideration of your organization's needs and security requirements. You should thoroughly test and evaluate the policies before deploying them to ensure they meet your expectations.

@Konbarlas 

Thanks for the great reply, could you share the Powershell cmdlets to assign the policies based on devices?