Conditional Access Policy on SharePoint Online

Next, configure the policy to require that only managed and compliant devices can access SharePoint Online. This policy will be will be stored in Azure Active Directory.

  1. In the Microsoft Intune administration console, click Policy > Conditional Access > SharePoint Online Policy.
  2. 86

  3. Select Enable conditional access policy for SharePoint Online.
  4. 87

  5. Under Device platforms, you can choose to apply conditional access policy to All platforms
  6. For windows PCs, the PC must either be domain joined, or enrolled with Intune and compliant. You can set the following requirements: Devices must be domain joined or compliant.
  7. 88

  8. Under Targeted Groups, click Modify to select the Azure Active Directory security groups to which the policy will apply. You can choose to target this to all users or just a select groups of users.
  9. 89

  10. Under Exempted Groups, optionally, click Modify to select the Azure Active Directory security groups that are exempt from this policy.
  11. 90

  12. When you are done, click Save.
  13. 91

This entry was posted in Microsoft Intune. Bookmark the permalink.

4 Responses to Conditional Access Policy on SharePoint Online

  1. Pingback: Conditional Access policies in Microsoft Intune | Mai Ali's Technical Blog

  2. Troels T says:

    Hi. I have a quick question regarding the SharePoint Online Policy, which I hope you might be able to help med with.

    When I activate the policy by checking the box, I only get to decide the device platforms that will receive the policy. All of the options below, where I can define targeted groups and so on, are missing. Do you have any idea why this might be the case?

    I see the exact same thing in two completely seperate Intune tenants, I am administering, but everywhere I search the internet, everybody else seem to have the “Targeted Groups” configuration available – even TechNet – with no mentioning of any requirements.

    Strangely enough I can define Targeted Groups under the Exchange Online policy on both my tenants, so it’s only SharePoint Online that’s causing trouble.
    I hope you can help me!


    • kris says:

      Today I noticed the same thing is happening for us. I have tried disabling the policy and re-enabling without any luck.

    • Mai Ali says:

      Hi Troels,

      Sorry for late in responding. Please verify that you had on same tenant license of E3 or SharePoint Online to have option of conditional access for SharePoint Online. If you still didn’t find other options, Try to open ticket because it might be misconfiguration from Tenant side.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s