Azure AD Control Panel, Global Policy, App permissions

[Errrm] Jack 0 Reputation points


We're trying to make a network here, we want to connect computers to the azure environment, I have a few questions about doing so:

  1. Can I set it so users can not access the control panel without being admin etc.
  2. Can I set a global policy, so I can do stuff like the above, and also restrict further access etc.
  3. Can I block, and lock access to certain applications, could I stop users from installing applications? etc.

I'm more looking for what I can lock them out off, such as control panel as we want a fairly locked down network. Thank you.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
16,626 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
521 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Alfredo Revilla (MSFT) 21,881 Reputation points Microsoft Employee

    Hello @[Errrm] Jack , yes you can disallow users from accessing the Azure AD portal, authenticating to Azure AD applications, managing or accessing Azure resources or using on-premise applications and more. For more information visit the following topics:

    To control access to the Azure AD portal:

    To control access to Azure AD applications

    To control access or application availability, including on-premise applications:

    To control access to Azure resources:

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.