How to limit a domain account in hybrid office 365 deployment to only office 365 logon
How to limit a domain account in hybrid office 365 deployment to only office 365 logon. No local domain access or logon privileges.
User existed already and used to have local domain privileges and logon rights.
User now is remote and permanently only requires access to his office 365 email. We want to remove all domain privileges and logon rights. Is there an easy way to accomplish this as some rights may be explicit.
For example can we deny all logons accept office 365?
User existed already and used to have local domain privileges and logon rights.
User now is remote and permanently only requires access to his office 365 email. We want to remove all domain privileges and logon rights. Is there an easy way to accomplish this as some rights may be explicit.
For example can we deny all logons accept office 365?
Vasil Michev (MVP)
How are your users authenticating against O365? Generally speaking, they dont need any local rights to work with O365 services. You can even disable the account, unless you are using AD FS/PTA or any other form of authentication that relies on the on-premises AD.
ASKER
We are in a hybrid setup and using AD sync to authenticate
If just using hash sync, the authentication for O365 isn't relying on windows active directory.
ASKER
Our Office 365 accounts are authenticating using our Active Directory that I know for sure. i want to keep this while limiting this account.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Restricting the logon is exactly what I was looking for. I simply restricted logons to a non existing computer name.