04-10-2020 10:46 PM
How to restrict personal account access in O365 in tools such as OWA sticky note, One Drive. Access should be restricted business accounts only ,not for personal account. How to implement OMT solution for this.
04-14-2020 09:38 PM
Hello Krishna Chandrashekar,
You can use the custom header option on the WSA. Here is the process:-
WSA> advancedproxyconfig
Choose a parameter group:
- AUTHENTICATION - Authentication related parameters
- CACHING - Proxy Caching related parameters
- DNS - DNS related parameters
- EUN - EUN related parameters
- NATIVEFTP - Native FTP related parameters
- FTPOVERHTTP - FTP Over HTTP related parameters
- HTTPS - HTTPS related parameters
- SCANNING - Scanning related parameters
- PROXYCONN - Proxy connection header related parameters
- CUSTOMHEADERS - Manage custom request headers for specific domains
- MISCELLANEOUS - Miscellaneous proxy related parameters
- SOCKS - SOCKS Proxy parameters
[]> customheaders
Currently defined custom headers:
Choose the operation you want to perform:
- DELETE - Delete entries
- NEW - Add new entries
- EDIT - Edit entries
[]> new
Please enter the custom HTTP header (in the form field: value):
[]> Restrict-Access-To-Tenants: xyz.onmicrosoft.com, abc.onmicrosoft.com
Please enter the list of suffix of domains which will be sent this header, separated by commas:
[]> login.microsoft.com, login.microsoftonline.com, login.windows.net
[NOTE: you can any number of domains, there is no restriction on this]
2. Steps to be performed on the WSA GUI for the this setting to work
a. Create a new Custom URL category and enter the following domains (login.microsoft.com, login.microsoftonline.com, login.windows.net)
b. Under the decryption policy please set the Custom URL category to 'DECRYPT'
Once this setting is enabled on the WSA, then any request to O365 related sites coming from the user who does not belong to the corporate domains mentioned under Restrict-Access-To-Tenants will not be able to access those sites.
Please check https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions for more information.
Regards
Shikha Grover
PS: Please don't forget to rate and select as validated answer if this answered your question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide