Forum Discussion
Solved
CAS Access Control - Restrict users using OneDrive Desktop Client
Good day! I created an Access policy in CAS to restrict the access to OneDrive and SharePoint Client only not including Teams Client. OneDrive, SharePoint and Teams are already added in the Condi...
- MCAS can only protect web workloads, so it cannot be used to block the synchronization of OneDrive and SharePoint. To control syncing you need to configure domain join verification inside admin.onedrive.com and that will apply to both SharePoint and OneDrive sync. For more information on that feature read here: https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenantsyncclientrestriction?view=sharepoint-ps
You cannot have a more restrictive policy for SharePoint without impacting Teams, because Teams has a dependency on SharePoint. For more information on the dependent services and how you can't have separate restrictions, view this article here: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/service-dependencies
To block sync in Teams you have to disable it in the library settings as described here:
https://answers.microsoft.com/en-us/msoffice/forum/all/disable-sync-options-on-office-365-group-team-site/87180381-f0fc-411b-9895-8b3ee5df0dde
MCAS can only protect web workloads, so it cannot be used to block the synchronization of OneDrive and SharePoint. To control syncing you need to configure domain join verification inside admin.onedrive.com and that will apply to both SharePoint and OneDrive sync. For more information on that feature read here: https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenantsyncclientrestriction?view=sharepoint-ps
You cannot have a more restrictive policy for SharePoint without impacting Teams, because Teams has a dependency on SharePoint. For more information on the dependent services and how you can't have separate restrictions, view this article here: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/service-dependencies
To block sync in Teams you have to disable it in the library settings as described here:
https://answers.microsoft.com/en-us/msoffice/forum/all/disable-sync-options-on-office-365-group-team-site/87180381-f0fc-411b-9895-8b3ee5df0dde
You cannot have a more restrictive policy for SharePoint without impacting Teams, because Teams has a dependency on SharePoint. For more information on the dependent services and how you can't have separate restrictions, view this article here: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/service-dependencies
To block sync in Teams you have to disable it in the library settings as described here:
https://answers.microsoft.com/en-us/msoffice/forum/all/disable-sync-options-on-office-365-group-team-site/87180381-f0fc-411b-9895-8b3ee5df0dde