Oct 07 2022 08:41 AM - edited Oct 07 2022 09:06 AM
Hi All,
One of my clients has the below concerns and wanted to know whether these would be possible scenarios.
1) Can we block a user from accessing a shared drive and RDP within the organization's network through a Conditional Access policy or any other way? If the user is outside of the organization's network, this would be allowed.
2) Can we control an on-premises application like SAP through a Conditional Access policy or any other way? Please note the application does have a web URL.
Thanks in advance
Dilan
Oct 09 2022 06:44 AM
Solution
Oct 09 2022 08:24 AM
Oct 09 2022 08:34 AM - edited Oct 09 2022 08:35 AM
Pretty sure a URL is required.
https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/what-is-application-proxy
Also, should have mentioned this, but as is mentioned in the link I sent you, App Proxy is meant to enable safe remote access to on-premises applications, and is not for accessing internal applications from the internal network.
"It's important to understand that Azure AD Application Proxy is intended as a VPN or reverse proxy replacement for roaming (or remote) users who need access to internal resources. It's not intended for internal users on the corporate network. Internal users who unnecessarily use Application Proxy can introduce unexpected and undesirable performance issues."
Oct 09 2022 08:44 AM - edited Oct 09 2022 08:46 AM
Thank you very much.
In this case, Azure AD proxy is not a good solution for my client, since they don't have URL access for the application, and again the purpose of implementing this is that they want to control the application login behavior of end users, such that only allowed applications can be accessed within the internal networks. Among those applications, they have an SAP application, which is an on-prem application.