![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 25%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ3%3C/text%3E%3C/svg%3E)
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,665 questions
Hi,
Thank you for posting in Microsoft Q&A forum.
If you want to prevent Mac users from accessing restricted applications and sites, you can achieve this by setting up a Conditional Access policy, even if the Mac devices are not Azure AD joined. Please refer to:
Use app-based Conditional Access policies with Intune
Create a device-based Conditional Access policy
Once the policy is created and enabled, Mac users (or the selected users/groups) will be blocked from accessing the restricted applications and sites based on the conditions you've set. When they attempt to access those resources, they will be denied access and receive an appropriate message.
Please note that for Conditional Access policies to work effectively, the targeted applications and resources need to be integrated with Azure AD. Additionally, it's important to thoroughly test the policy and its impact on various user scenarios before applying it broadly.
Thanks for your time. Have a nice day!
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.