
Azure conditional access by device name

digisphs Member Posts: 1

I want to limit access to Azure P2S VPN by computer name. What I did:
I configured one conditional policy to block all users (Pol1).
Second conditional policy (Pol2):

  • All Users
  • In Cloud apps or actions I selected Azure VPN
  • Conditions - Filter for devices - Include filtered devices in policy
    • displayName contains MyComputerName
    • deviceID equals MyDeviceID (I got it using dsregcmd /status)
  • Access controls - Grant access - Require multifactor authentication

When I try to connect with Azure VPN, I see in the Sign-in logs that Pol1 failed (Block access for all). Pol2 is Not Applied. Why? I specified to check for Name or ID...

As a next step, instead of the second policy, I created a policy that grants access only for the following:
Require multifactor authentication
Require domain-joined device

It doesn't work. I joined my computer to Azure AD, but it doesn't help. I am still getting:
Not satisfied
Require multifactor authentication
Require domain-joined device
