{"id":1734,"date":"2015-03-17T16:14:00","date_gmt":"2015-03-17T15:14:00","guid":{"rendered":"https:\/\/sccmfaq.wordpress.com\/?p=1734"},"modified":"2015-03-17T16:14:00","modified_gmt":"2015-03-17T15:14:00","slug":"sccm-2012-r2-microsoft-intune-exchange-conditional-access","status":"publish","type":"post","link":"https:\/\/blog.hosebei.ch\/?p=1734","title":{"rendered":"SCCM 2012 R2  + Microsoft Intune &#8211;  Exchange Conditional Access"},"content":{"rendered":"<p>Hi, here is Martin with a Blogpost about the new Feature that has been shipped to the Microsoft Mobile Device Management Solution Intune: Conditional Echange\/Sharepoint Access. This means, you are now able to restrict the Access to Exchange Online, <del>On-Premise Exchange<\/del> and <del>SharePoint Online<\/del> to Devices, which has to be Intune enrolled.<\/p>\n<p><strong>Update<\/strong>:\u00a0Intune in combination with SCCM currently only allows you to restrict the Access to Exchange Online.<br \/>\n<!--more--><br \/>\nIf your System Center 2012 Configuration Manager has been updated with the new Conditional Access Extension:<br \/>\n<a href=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess01.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-1735\" src=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess01.png?w=300\" alt=\"SCCMConsole01\" width=\"300\" height=\"57\" srcset=\"https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess01.png 915w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess01-300x57.png 300w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess01-768x146.png 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><br \/>\nyou will find those new entries in the List:<br \/>\n<a href=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess02.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-1736\" src=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess02.png?w=300\" alt=\"SCCMConsole02\" width=\"300\" height=\"225\" srcset=\"https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess02.png 1002w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess02-300x225.png 300w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess02-768x576.png 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><br \/>\nYou are then also able to create a quick Compliance Policy:<br \/>\n<a href=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess03.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-1738\" src=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess03.png?w=300\" alt=\"Compliance Policy\" width=\"300\" height=\"210\" srcset=\"https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess03.png 915w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess03-300x210.png 300w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess03-768x538.png 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><br \/>\nBut we wanted to start with Exchange Conditional Access, so we Need to follow the Link on the &#8220;Exchange Online&#8221; Page, which leads us to our Windows Intune Portal:<br \/>\n<a href=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess05.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-1739\" src=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess05.png?w=300\" alt=\"Intune - Set up conditional Access\" width=\"300\" height=\"162\" srcset=\"https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess05.png 1138w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess05-300x162.png 300w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess05-1024x552.png 1024w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess05-768x414.png 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><br \/>\nIn my case, I chose to install the On-Premise Connector, you can follow this instructions on TechNet: https:\/\/technet.microsoft.com\/library\/dn646988.aspx<br \/>\nIf you have successfully iinstalled the On-Premise connector, you can then go on and create your Exchange Policy:<br \/>\n<a href=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess06.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-1741\" src=\"http:\/\/hosebei.wordpress.com\/wp-content\/uploads\/2015\/03\/conditionalaccess06.png?w=300\" alt=\"Exchange Policy\" width=\"300\" height=\"214\" srcset=\"https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess06.png 1273w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess06-300x214.png 300w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess06-1024x730.png 1024w, https:\/\/blog.hosebei.ch\/wp-content\/uploads\/2015\/03\/conditionalaccess06-768x547.png 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><br \/>\nIt can take up to 3 hours, until a EAS Synced Device get blocked. But even if the Device was already enrolled with EAS or not, the User will receive a Message, that he can enroll his Device with Intune, and gain Access to his Mail Account again.<br \/>\nThis Link is from the comments (thanks for that!) which does it describes the whole process very vell:<br \/>\nhttps:\/\/technet.microsoft.com\/en-us\/library\/mt595858.aspx<\/p>\n<p>Refer also to this excellent TechNet Blog Post:<br \/>\nhttp:\/\/blogs.technet.com\/b\/microsoftintune\/archive\/2015\/03\/12\/conditional-access-for-exchange-online-using-microsoft-intune.aspx<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi, here is Martin with a Blogpost about the new Feature that has been shipped to the Microsoft Mobile Device Management Solution Intune: Conditional Echange\/Sharepoint Access. This means, you are now able to restrict the Access to Exchange Online, On-Premise Exchange and SharePoint Online to Devices, which has to be Intune enrolled. Update:\u00a0Intune in combination [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,24,35],"tags":[],"class_list":["post-1734","post","type-post","status-publish","format-standard","hentry","category-byod","category-mdm","category-sccm-2012"],"_links":{"self":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/1734","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1734"}],"version-history":[{"count":0,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/1734\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1734"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1734"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}