Last week I wrote the blog post “Conditional Access for Outlook Web Access (OWA)”. Now I will show what it looks like from a user's perspective on an Azure AD joined, MDM-managed Windows 10 device.

This Conditional Access policy is configured:

When using Microsoft Edge or Internet Explorer, the user just works as usual, but if the user uses another browser such as Google Chrome, the experience looks like this:

The user is able to log in to

[Image: Chrome login]

But when starting the Mail app, the user gets this message:

[Image: Chrome login 01]

The experience is the same with:

  • Mail
  • Calendar
  • People
  • Newsfeed
  • OneDrive
  • SharePoint
  • Tasks
  • Delve
  • Video
  • Word
  • Excel
  • PowerPoint
  • OneNote

[Image: Chrome login 02]

The only apps the user can use without the Conditional Access policy being applied are:

  • Yammer
  • Sway

This means that we can now control from which devices we give access to company data.