In the previous article, we run Microsoft IdFix to identify errors such as duplicates and…
Restrict access to Azure AD administration portal
Why do users have access to Azure AD administration portal? You only want administrators to have access and restrict users to access Azure portal. It’s not relevant for standard users to have access. Is there a way to disable user access to the Azure AD portal? Yes, there is. In this article, we will look at how to restrict access to Azure AD administration portal.
Table of contents
User access to Azure AD administration portal
Check how it looks like if a user signs in to the Azure AD portal without restricting access by following the below steps:
- Sign in to Microsoft Azure portal as a User
- Click on Menu > Azure Active Directory
In our example, we will sign in as the user Alison Bell.
- In the Overview screen, the user can see the Azure Active Directory information
- Click in the menu on Users and Groups
- In the All users section, all the users are visible to the user
- In the All groups section, all the groups are visible to the user
- Click in the menu on Roles and administrators
- Verify the user’s role (in our case, it’s the role User)
- Click on Your Role
- The user does not have directory roles assigned
In the next step, we will look at restricting users from accessing the Azure AD administration portal.
Restrict access to Azure AD administration portal
To restrict Azure AD administration portal access, follow these steps:
- Sign in to Microsoft Azure portal as a Global Administrator
- Click on Menu > Azure Active Directory
- Click on User settings
- Select under Administration portal > Restrict access to Azure AD administration portal on Yes
- Click Save
Note: Setting the option Restrict access to Azure AD administration portal to Yes restricts all non-administrators from accessing any Azure AD data in the administration portal.
Give the setting a couple of minutes to apply the changes on Microsoft’s servers.
Verify no access to Azure AD administration portal
Verify restricted access to the Azure AD administration portal by following the below steps:
- Sign in to Microsoft Azure portal as a User
- Click on Menu > Azure Active Directory
You will see a No access message.
That’s it!
Read more: Install and configure Azure AD Connect »
Conclusion
You learned how to restrict access to Azure AD administration portal. By default, the option to restrict access to Azure AD portal is set to No. But we recommend setting it to Yes and restrict user access to Azure AD for non-administrator accounts.
The next time you manage an Azure tenant or create a new Azure tenant, check the restrict access to Azure AD administration portal setting in Azure AD portal and ensure to turn it on.
Did you enjoy this article? You may also like Office 365 disable stay signed in prompt. Don’t forget to follow us and share this article.
This Post Has 0 Comments