Forum Discussion
Solved
Office 365 - Unable to Download, print, or sync when using Chrome or Firefox (but works in IE)
I recently configured Conditional Access in Office 365 by selecting "Allow limited, web-only access" in the SharePoint Admin Center, under "Unmanaged devices). All the devices in question are managed and appear under Azure AD Devices as "Hybrid Azure AD Joined".
My issue is that if I go to Office.com in Chrome of Firefox, and then go to OneDrive, I receive the message stating "Your organization doesn't allow you to download, print, or sync..." However, if I go to Office.com in IE and then go to OneDrive, I do not receive that message, and I have full functionality.
Has anyone encountered this before? If I disable the "[SharePoint Admin Center]Use app-enforced Restrictions for browser access", I have no issues, so I know it's directly tied to that. I just can't figure out why Chrome/Firefox do not work properly. Thank you in advance!
Additional info:
Windows 10 LTSB (1607)
Chrome 70.0.3538 (latest)
Firefox 60.3 (latest)
Received an answer back from Microsoft, with a link to an article - https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices?redirectSourcePath...
The below pasted statement basically means we need to use Edge or IE with Windows 10, in order to have full O365 functionality online (or the users can just use the desktop apps, which all managed devices have). Just wanted to put this in here, in case it can help anyone else in the future!
"Blocking or limiting access on unmanaged devices relies on Azure AD conditional access policies. Learn about Azure AD licensing For an overview of conditional access in Azure AD, see Conditional access in Azure Active Directory. For info about recommended SharePoint access policies, see Policy recommendations for securing SharePoint sites and files. If you limit access on unmanaged devices, users on managed devices who have the following browser and operating system combinations will also have limited access:
Chrome, Firefox, or any other browser besides Microsoft Edge and Microsoft Internet Explorer on Windows 10 or Windows Server 2016
Firefox in Windows 8.1, Windows 7, Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2"
You can also take a look at the Windows 10 Accounts plugin for Chrome to help with this. I thought there was one for Firefox as well, but I'm not able to find it right now.
Chrome - https://chrome.google.com/webstore/detail/windows-10-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji
BenStegink yep, this should do it
Received an answer back from Microsoft, with a link to an article - https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices?redirectSourcePath...
The below pasted statement basically means we need to use Edge or IE with Windows 10, in order to have full O365 functionality online (or the users can just use the desktop apps, which all managed devices have). Just wanted to put this in here, in case it can help anyone else in the future!
"Blocking or limiting access on unmanaged devices relies on Azure AD conditional access policies. Learn about Azure AD licensing For an overview of conditional access in Azure AD, see Conditional access in Azure Active Directory. For info about recommended SharePoint access policies, see Policy recommendations for securing SharePoint sites and files. If you limit access on unmanaged devices, users on managed devices who have the following browser and operating system combinations will also have limited access:
Chrome, Firefox, or any other browser besides Microsoft Edge and Microsoft Internet Explorer on Windows 10 or Windows Server 2016
Firefox in Windows 8.1, Windows 7, Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2"Brandon Hofmann I am sorry but this is false information. I use SPO in chrome just fine with no issue.
