Forum Discussion
Solved
Block Outlook-Client on unmanaged Win10
Hi All,
my customer wants to block the Outlook-Client on unmanaged Win10-Devices (private PCs), but Teams-Client should work.
I´ve done some testing with Conditional Access, MCAS and App-Protection-Policies. But either Outlook-Client AND Teams-Client were blocked or only Teams-Client blocked and with Outlook-Client I got a connection to EXO.
Only Browser is not an option for my customer.
Any Ideas about this question?
Regards,
Markus
now we use Windows Virtual Desktop and block private devices completly.
Thanks for your help.
Best regards,
Markus
Hello MarkusDi
I recommend that you use a Conditional Access policy and set it up to block non-compliant and non-Hybrid Azure AD joined devices. Please note that you would need an Exchange Online authentication policy to strictly forbid legacy authentication apps to connect. Legacy Authentication does not care for Conditional Access policies. Disable Basic authentication in Exchange Online | Microsoft Docs
//Nicklas Ahlberg
Hello NicklasAhlberg
this Policy would block unmanaged devices completly.
But they should be able to use Teams-Client on unmanged devices. "only" the use of outlook-client should be restricted...
Regards,
Markus
You could try to just block Exchange Online app but I am sure it will probably interfere with some Teams, OneDrive and SPO functionality. In this case I would use MAM to deploy an MS Edge policy.
