cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

dixitab
Copper Contributor

‎Jun 13 2022 02:28 AM

‎Jun 13 2022 02:28 AM

Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

With the help of EMS(Enterprise Mobility + Security) license can we resolve below queries. 

 

  1. How do we restrict users from login on personal laptops? Both OWA and Outlook config. 

  2. Mobile - for those who we allow, we must monitor. Rules such as no external email from mobile app must be configured.

  3. Mobile - for those who we block, they should not be able to use OWA and Outlook.@tech community discussion

Labels:
3,251 Views
0 Likes
8 Replies
Reply
8 Replies
Eric Starker

‎Jun 13 2022 11:11 AM

‎Jun 13 2022 11:11 AM

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

@dixitab 

Hello! You've posted your question in the Tech Community Discussion space, which is intended for discussion around the Tech Community website itself, not product questions. I'm moving your question to the Security, Compliance and Identity space - please post Security, Compliance and Identity questions here in the future. 

0 Likes
Reply
best response confirmed by dixitab (Copper Contributor)
mikhailf

‎Jun 13 2022 10:47 PM

‎Jun 13 2022 10:47 PM

Solution

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

Hello @dixitab,

 

The 1st and the 3rd goals could be achieved by using Conditional Access policies. "Block Access to Office365 apps from devices that are not Azure AD Joined or Azure AD Hybrid Joined". 

Regarding the 2nd question, please provide more details. Do you want that users won't be able to configure any external emails on their phones? In the Outlook app or in native email apps?

0 Likes
Reply
dixitab

‎Jun 14 2022 02:00 AM

‎Jun 14 2022 02:00 AM

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

Hello @mikhailf 

 

Thanks for the response.

 

2nd question - Is it possible to configure/add your personal email address in the work profile ? if yes how we can restrict user.

I have one more query -

1- If we allow a few users to access emails on their personal devices (laptop, mobile phone) via owa or on outlook app, is it possible to monitor their activity?

Thanks in advance!

0 Likes
Reply
mikhailf

‎Jun 14 2022 02:50 AM

‎Jun 14 2022 02:50 AM

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

Hello @dixitab,

 

2 - please, check this answer: Remove / Block / Prevent Personal Email Accounts in Outlook - Microsoft Tech Community. Probably this can help.

1 - Yes, you can monitor users' activities. You can monitor Sign-in activities using Azure Active Directory -> Sign-in logs. Or you can use Microsoft Sentinel to monitor activities in Office 365.

0 Likes
Reply
dixitab

‎Jun 15 2022 11:20 PM

‎Jun 15 2022 11:20 PM

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

@mikhailf 

 

Hey thanks for the reply and apologies for the late response.

0 Likes
Reply
b3118

‎Oct 04 2023 09:45 PM

‎Oct 04 2023 09:45 PM

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

@mikhailf  Can we restrict user from adding personal email in windows mail and calendar application using any windows native configuration/ settings ?

Or do we require any third party application ?

Or it can be implemented using any Active Directory (on premise) services ?

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by dixitab (Copper Contributor)
mikhailf

‎Jun 13 2022 10:47 PM

‎Jun 13 2022 10:47 PM

Solution

Re: Can we restrict users from login on personal laptops? Both OWA and Outlook configuration?

Hello @dixitab,

 

The 1st and the 3rd goals could be achieved by using Conditional Access policies. "Block Access to Office365 apps from devices that are not Azure AD Joined or Azure AD Hybrid Joined". 

Regarding the 2nd question, please provide more details. Do you want that users won't be able to configure any external emails on their phones? In the Outlook app or in native email apps?

View solution in original post

0 Likes
Reply