![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 37%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,217 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 1%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Hi, thanks for the additional information.
If I understand you right, you need a Conditional Access rule which is limited to a specific user or device group, right?
That's possible without AADDS (Azure Active Directory Domain Services). You only need to create a new Conditional Access rule as described in your posted doc and apply it in the configuration to a predefined AzureAD Group. The rule will be scoped on the defined group only.
I would recommend setting the newly created rule to Report only (like WhatIf) first. And when you see that the rule works fine, you can force it.
Consider, you need AzureAD P1 to use conditional access features.
If you need further assistance in creating such a conditional access rule, please contact me again.
If the reply was helpful, please don’t forget to upvote or accept it as an answer, thank you.