How do I restrict login access to certain devices for specific users?
-
I want to limit the login to 4 devices.
I only want to allow one 365 account and the local admin account to be the only users who can access these 4 machines.
I don't want to block any other devices, just these 4.
I have been looking at Conditional Access Policies but I don't see where or how to apply it only to those 4 devices.
I have searched online and in AI but responses are varied and nothing appears to work the way I think it should and I don't want to break the environment. Can someone explain where and how I can do this please?
Is a Conditional Access Policy the best/correct way to do this? The devices are compliant and Entra enrolled.
The 4 devices are sitting in their own Group.
LAPS is set up for the local admin account.
Let me know if you require any further information that I may have overlooked.
-
It sounds like you might be interested in Azure Role Based Access Control. Here is the documentation for this feature - https://learn.microsoft.com/en-us/azure/role-based-access-control/