[英]Block user from portal.azure.com
My company is using Azure Active Directory.我的公司正在使用 Azure Active Directory。 We are able to login into the Azure portal using AAD.
我们可以使用 AAD 登录到 Azure 门户。
However, we only want a handful of employees to be able to login into the portal.但是,我们只希望少数员工能够登录门户。 All other employees should be kept out.
所有其他员工都应该被拒之门外。
How do I accomplish this?我该如何实现?
You cant do that if they are part of the AAD, you can however grant them no permissions, so they wont be able to see any resources or do anything on the portal如果他们是 AAD 的一部分,您就不能这样做,但是您可以不授予他们任何权限,因此他们将无法在门户上查看任何资源或执行任何操作
And you really dont have to do anything to acomplish that.而且你真的不需要做任何事情来实现这一点。 Those are default permissions.
这些是默认权限。
To check users permissions go to the portal and navigate to Azure AD blade.要检查用户权限,请转到门户并导航到 Azure AD 刀片。
Portal => AzureAd => Users => pick user => click Azure Resources on the left门户 => AzureAd => 用户 => 选择用户 => 单击左侧的 Azure 资源
Apply the Restrict access to Azure AD administration portal
setting, which will block all access unless a user has Directory Reader
or higher permissions in Azure AD应用
Restrict access to Azure AD administration portal
设置,这将阻止所有访问,除非用户在 Azure AD 中具有Directory Reader
或更高权限
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions
As a Global admin:作为全球管理员:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.