locked
Azure Active directory conditional Access RRS feed

  • Question

  • hoping someone can assist as I am not sure if this is supposed to work or not (after all the reading).

    I am trying to configure a conditional access policy to prevent someones IPhone's default mail client from connecting to exchange active sync unless you are in a specified country.  I cannot seem to get this to work.

    I have successfully configured the conditional access policy to prevent access to exchange online using a web browser, but I would now like to take it one step further and prevent the iPhone client from connecting to exchange online as well.  I have tried different configurations nothing seems to work.  Any guidance would be appreciated.

    Thursday, July 26, 2018 4:28 PM

All replies

  • There are certain limitations regarding the support for conditional access scenarios while using Exchange Active Sync as it support modern authentication. The limitations are outlined here.

    In your conditional access policy if you select Mobile apps and desktop clients as client app, device based policies are not supported. Reference: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-technical-reference#supported-mobile-applications-and-desktop-clients may be these limitations are blocking you from applying a conditional access policy on a iPhone client.

    -----------------------------------------------------------------------------------------------------------------------------------
    If this answer was helpful, click “Mark as Answer” and Up-Vote. To provide additional feedback on your forum experience, click here 

    Thursday, July 26, 2018 7:33 PM
  • Checking in to see if the above suggestions helped or you need further assistance on this issue. If that answers your query, do click “Mark as Answer” and Up-Vote for the same.
    Tuesday, July 31, 2018 7:00 PM