Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Devices in Azure AD visible to all users

Steel Contributor

We were a bit surprised to find out that a regular user can see the list of all devices using portal.azure.com 

 

They can see the name and owner of the device, the OS version, when it was activated. Most actions are greyed out, but Disable and Remove aren't greyed out. We tried the actions on one device and luckily it resulted in an error.

 

Is everyone ok with this info being available to all users, or is it possible to hide this?

Untitled-4.png

 

 

2 Replies
best response confirmed by bart vermeersch (Steel Contributor)
Solution
Have you checked out the option to restrict access to the portal for non-admin users? In Azure AD User Settings you will find the setting for “Restrict access to the Azure AD administration portal”.
Just note that it will not help if regular user use direct link https://aad.portal.azure.com/#blade/Microsoft_AAD_Devices/DevicesMenuBlade/Devices/menuId/ , just verified in several tenants.
1 best response

Accepted Solutions
best response confirmed by bart vermeersch (Steel Contributor)
Solution
Have you checked out the option to restrict access to the portal for non-admin users? In Azure AD User Settings you will find the setting for “Restrict access to the Azure AD administration portal”.

View solution in original post