Conditional Access Policy - ServiceAccounts-Office365ManagementTool

The ServiceAccounts-Office365ManagementTool policy is intended to restrict access to M365 for members of O365_Office365Management_ServiceAccounts to certain IP's / IP ranges.

Assignments

User or workload identities

  • Included - members of O365_Office365Management_ServiceAccounts
  • Excluded - Global administrator directory role

Cloud apps or actions

  • All cloud apps

Conditions

  • Locations - ALL except  'chm584 - Work Computer', 'UTEXAS NAT - Public Addresses','scw322 - Work Computer', 'UTEXAS VPN - ITS Systems Private Group'
  • Client apps - all selected

Access controls

Grant

  • Block access

Session

  • 0 controls selected