You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/external-identities/tenant-restrictions-v2.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -315,7 +315,7 @@ Suppose you use tenant restrictions to block access by default, but you want to
315
315
316
316
## Step 3: Enable tenant restrictions on Windows managed devices
317
317
318
-
After you create a tenant restrictions V2 policy, you can enforce the policy on each Windows 10, Windows 11, and Windows Server 2022 device by adding your tenant ID and the policy ID to the device's **Tenant Restrictions** configuration. When tenant restrictions are enabled on a Windows device, corporate proxies aren't required for policy enforcement. Devices don't need to be Azure AD managed to enforce tenant restrictions V2; domain-joined devices that are managed with Group Policy are also supported.
318
+
After you create a tenant restrictions V2 policy, you can enforce the policy on each Windows 10and Windows 11 device by adding your tenant ID and the policy ID to the device's **Tenant Restrictions** configuration. When tenant restrictions are enabled on a Windows device, corporate proxies aren't required for policy enforcement. Devices don't need to be Azure AD managed to enforce tenant restrictions V2; domain-joined devices that are managed with Group Policy are also supported.
319
319
320
320
### Administrative Templates (.admx) for Windows 10 November 2021 Update (21H2) and Group policy settings
321
321
@@ -330,7 +330,7 @@ To test the tenant restrictions V2 policy on a device, follow these steps.
330
330
331
331
> [!NOTE]
332
332
>
333
-
> - The device must be running Windows 10, Windows 11, or Windows Server 2022 with the latest updates.
333
+
> - The device must be running Windows 10or Windows 11 with the latest updates.
334
334
335
335
1. On the Windows computer, press the Windows key, type **gpedit**, and then select **Edit group policy (Control panel)**.
336
336
@@ -349,7 +349,7 @@ To test the tenant restrictions V2 policy on a device, follow these steps.
349
349
350
350
## Step 4: Set up tenant restrictions V2 on your corporate proxy
351
351
352
-
Tenant restrictions V2 policies can't be directly enforced on non-Windows 10, Windows 11, or Windows Server 2022 devices, such as Mac computers, mobile devices, unsupported Windows applications, and Chrome browsers. To ensure sign-ins are restricted on all devices and apps in your corporate network, configure your corporate proxy to enforce tenant restrictions V2. Although configuring tenant restrictions on your corporate proxy don't provide data plane protection, it does provide authentication plane protection.
352
+
Tenant restrictions V2 policies can't be directly enforced on non-Windows 10or Windows 11 devices, such as Mac computers, mobile devices, unsupported Windows applications, and Chrome browsers. To ensure sign-ins are restricted on all devices and apps in your corporate network, configure your corporate proxy to enforce tenant restrictions V2. Although configuring tenant restrictions on your corporate proxy don't provide data plane protection, it does provide authentication plane protection.
353
353
354
354
> [!IMPORTANT]
355
355
> If you've previously set up tenant restrictions, you'll need to stop sending `restrict-msa` to login.live.com. Otherwise, the new settings will conflict with your existing instructions to the MSA login service.
0 commit comments