Today I got an interesting question from one of my customers. The question sounded like this: ‘Is it possible to control specific users’ access to SharePoint and OneDrive data based on network location?’
My customer tried to fix this on his own, but the only information he found on docs.microsoft was the following links:
The only problem with this approach is that the settings are made inside Microsoft 365’s Admin Center. You can’t create these kinds of rules in the Admin Center portal for specific users (not for specific user access anyway).
So, the solution should be somewhere inside Azure Active Directory from the Azure Portal, right?
After some digging and testing I found something that looked very promising -> https://docs.microsoft.com/en-us/sharepoint/control-access-based-on-network-location and after reading it, I immediately sent it to the customer.
Basically all you have to do is open the Azure Portal, go to Azure Active Directory and define a new location. After this, go to Security -> Conditional Access to create and configure a new policy. This new policy should include the users you want to limit and be linked to the location you just created. For the full guide, please follow the link I listed above.
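The same two steps can also be scripted with the Microsoft Graph PowerShell module. This is an added example, not part of the original post or of Microsoft's guide. It assumes the goal is to block the selected users from SharePoint and OneDrive everywhere except the named location; the IP range, display names and `<user-object-id>` are placeholders, and the policy starts in report-only mode so its effect can be checked in the sign-in logs before it is enforced.

```powershell
# Added example. Requires the Microsoft.Graph module and an admin account
# allowed to manage Conditional Access.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Step 1: define the named location (constructed range from the
# documentation block 203.0.113.0/24; replace with the real egress IPs).
$location = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    '@odata.type' = '#microsoft.graph.ipNamedLocation'
    displayName   = 'Office network (example)'
    isTrusted     = $true
    ipRanges      = @(
        @{
            '@odata.type' = '#microsoft.graph.iPv4CidrRange'
            cidrAddress   = '203.0.113.0/24'
        }
    )
}

# Step 2: create the policy. It targets only the listed users and the
# "Office 365 SharePoint Online" app (which also covers OneDrive), matches
# every location except the one created above, and blocks access.
$policy = New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = 'Block SharePoint/OneDrive outside office network (example)'
    # Report-only first: nothing is blocked until state is set to 'enabled'.
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        clientAppTypes = @('all')
        users          = @{ includeUsers = @('<user-object-id>') }  # placeholder
        applications   = @{
            includeApplications = @('00000003-0000-0ff1-ce00-000000000000')
        }
        locations      = @{
            includeLocations = @('All')
            excludeLocations = @($location.Id)
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('block')
    }
}

# Confirm what was created.
$policy | Select-Object Id, DisplayName, State
```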
The feedback I got from the customer after about two hours was positive. The need to control specific users’ access to SharePoint and OneDrive data was satisfied.
Another day, another happy customer!