SOLVED

On premise SharePoint 2016 external access based on AD group


Is there any way to block or allow external access to an on-premises SharePoint site by using an Active Directory security group? I have accomplished this in the past using ISA TMG 2010, but with that product retiring I need a new solution.

I can easily enough allow external access to the SharePoint site, but access is based on the SharePoint permissions. I'd like to block interns from accessing the site when not on the LAN, but let them have access to the site when they are connected directly to the network.

I have looked at various third-party TMG alternatives but have not found anything that handles this very well.

2 Replies
best response confirmed by chaugen (Copper Contributor)
Solution

Azure AD App Proxy allows you to apply Conditional Access Policies. I would go this route. You don't have to open any inbound ports to make this one work, although it will require P1 or P2 licensing for the Conditional Access Policies.
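
One way to express the policy this answer describes, as an added example that is not part of the original thread: a Conditional Access policy that blocks a synced AD group on the App Proxy application unless the sign-in comes from a trusted named location. The group name `Interns`, the application name `SharePoint 2016 (App Proxy)`, and the existence of a trusted named location covering the office egress IPs are assumptions; the policy is created in report-only mode so its effect can be reviewed in the sign-in logs before enforcement.

```powershell
# Added example; names below are placeholders, not values from the thread.
# Requires the Microsoft.Graph PowerShell module and Azure AD Premium P1 or P2.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess','Policy.Read.All',
                        'Application.Read.All','Group.Read.All'

# Assumed names: the on-premises AD group as synced to Azure AD, and the
# enterprise application created when SharePoint was published via App Proxy.
$group = @(Get-MgGroup -Filter "displayName eq 'Interns'")
$app   = @(Get-MgServicePrincipal -Filter "displayName eq 'SharePoint 2016 (App Proxy)'")

# Refuse to continue on a missing or ambiguous match, so the block rule
# is never scoped to the wrong group or application.
if ($group.Count -ne 1 -or $app.Count -ne 1) {
    throw "Expected exactly one group and one application; found $($group.Count) and $($app.Count)."
}

$policy = @{
    displayName = 'Block Interns on SharePoint App Proxy outside trusted locations'
    # Report-only: evaluated and logged, but not enforced yet.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users          = @{ includeGroups = @($group[0].Id) }
        applications   = @{ includeApplications = @($app[0].AppId) }
        clientAppTypes = @('all')
        # Applies everywhere except named locations marked as trusted
        # (assumed to include the office network's public egress IPs).
        locations      = @{
            includeLocations = @('All')
            excludeLocations = @('AllTrusted')
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('block')
    }
}

New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
```

After reviewing the report-only results, changing `state` to `enabled` enforces the block. Users who reach SharePoint directly on the LAN do not pass through App Proxy, so their access remains governed by SharePoint permissions alone.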

Thanks, I'll give that a try.
