Domain Control on Users and Devices

kaytons 1 Reputation point

We intend to establish full control over which users and devices can access our Microsoft applications and services though we are a cloud environment - all business applications and services are in the cloud (Microsoft and 3rd parties).
how can we implement leverage on Microsoft Azure services to implement access control based on users and devices (corporate and personal)and be able to apply security policies across the users and devices or user groups or device groups?

  1. Join /add devices to our domains based on ownership (corporate, personal, and guest)
  2. Be able to identify corporate, personal, and guest devices and grant discriminating privileges depending on the device a user is using to access our applications and services.
  3. be able to grant discriminating privileges depending on the device and location a user is using to access our applications and services.
  4. Guest access management using the user account and authorized devices.

Note: we intend to leverage on capabilities in Microsoft Azure services without making any additional investment in other products

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,817 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,381 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. JimmySalian-2011 41,916 Reputation points

    Hi Kayton,

    Not sure what license you have but some of the points can be managed leveraged via Microsoft Intune for Mobile Devices, Configuration and Compliance policies can be applied via Intune and it is part of EMS Suite - what-is-intune

    High-Level architecture over here - high-level-architecture

    Also you will need to leverage and implement Azure Conditional Access Policies for other requirements - have a read and explore as it is a vast topic to discuss over here - overview.

    Azure Conditional Access Policy will requires an Azure AD Premium P1 license.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.