访问例如Sharepoint Online的合规性要求 [英] Compliance requirement to access for example Sharepoint Online
问题描述
嗨
通过条件访问,我可以设置为只有标记为符合条件的设备才能访问云资源,例如Sharepoint Online或Exchange Online.
要使设备兼容,需要将该设备加入Azure AD并注册到Intune.我说的对吗?
但是该设备是否需要加入并注册到此特定租户AAD和Intune,或者如果该设备加入并注册到任何租户AAD和Intune,它是否可以工作?
为了更清楚地说明这一点,我们假设我们拥有CompanyAAA和CompanyBBB.这些公司具有不同的Office 365租户,彼此之间没有任何关系.它们都设置了设备合规性要求,并且碰巧具有相同的要求 合规要求.
如果设备加入并注册到CompanyAAA的AAD和Intune,并且如果公司和设备均符合要求,该设备是否可以访问CompanyBBB的云资源(如果用户具有合法的用户帐户凭据)? /p>
如果这不起作用,设备可以加入到多个AAD吗?
您只能将设备注册为在将设备注册到Azure AD之后启动.仅当注册的设备符合合规性政策时,该设备才会被标记为合规性.
您一次只能将设备注册到一个Azure AD.这是因为期望在任何给定时间,用户都将成为单个组织的一部分.此外,合规性设置对于租户而言是唯一的,因此,如果设备被标记为符合以下条件, 无法标记为符合租户BBB的租户AAA.
Hi
With Conditional Access I can set that only devices marked as compliant, can access cloud resources, for example Sharepoint Online or Exchange Online.
For a device to be compliant, this device needs to be joined to Azure AD and enrolled to Intune. Am I right?
But does the device need to be joined and enrolled to this particular tenants AAD and Intune or does it work if the device is joined and enrolled to any tenants AAD and Intune?
To make this more clear, let's assume that we have CompanyAAA and CompanyBBB. These companies have different Office 365 tenants and have nothing to do with each other. They both have device compliance requirement set and they just happen to have the same compliance requirements.
If a device is joined and enrolled to CompanyAAA's AAD and Intune, can this device access (if the user would have legal user account credentials) to CompanyBBB's cloud resources if the compliance requirements match in both company and the device is compliant?
If this doesn't work, can a device be joined to several AAD's?
You can only enroll a device to Intune after registering the device to Azure AD. A device will be marked as compliant only after the registered device meets the compliance policies.
You can only register a device to a single Azure AD at a time. This is because it is expected that the user will be part of a single organization at any given time. Also compliance settings are unique for tenant so if a device is marked as compliant for tenant AAA that cannot be marked as compliant for tenant BBB.
这篇关于访问例如Sharepoint Online的合规性要求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
