SharePoint & OneDrive · Sharing & External Access
Access Control Manager
Manages access control settings including unmanaged device policies, network location restrictions, and app access controls.
Scope: Organization-wide access control policies
Permissions
- Unmanaged devices - Allow, limit, or block access
- Network location - Configure IP-based access restrictions
- App access - Control third-party app access
- Idle session - Set session timeout policies
- Modern authentication - Enforce modern auth requirements
Common use cases
- Securing access from personal devices
- Restricting access to corporate networks
- Blocking legacy authentication
- Preventing data download on untrusted devices
Best practices
- Combine with Conditional Access for full control
- Test policies before broad deployment
- Communicate restrictions to users
- Monitor access patterns for issues
Security considerations
- Blocking unmanaged devices affects BYOD users
- IP restrictions must account for VPNs and remote work
- Legacy auth block may break older apps