Forum Discussion
Question about settings for Sync button and modern app authentication
The answer to the first question is here: https://support.office.com/en-us/article/prevent-users-from-installing-the-onedrive-sync-client-b59cf952-f5a3-40ae-9159-36d5f869422c
But as you said, it's not a real restriction as they can just download the client elsewhere (not to mention it comes preinstalled with Win10). If you want to restrict the sync, you can use the second option in the portal or the set-spotenantsyncclientrestriction cmdlet.
For the second question, all Microsoft apps should indeed support MA nowadays, but some time ago this was not true. And having support for MA is important for features such as Conditional access, which you can bypass if using legacy auth. Thus many organizations are interested in being able to block such apps. It's the analog of the -LegacyAuthProtocolsEnabled setting for Set-SPOTenant.
The answer to the first question is here: https://support.office.com/en-us/article/prevent-users-from-installing-the-onedrive-sync-client-b59cf952-f5a3-40ae-9159-36d5f869422c
But as you said, it's not a real restriction as they can just download the client elsewhere (not to mention it comes preinstalled with Win10). If you want to restrict the sync, you can use the second option in the portal or the set-spotenantsyncclientrestriction cmdlet.
For the second question, all Microsoft apps should indeed support MA nowadays, but some time ago this was not true. And having support for MA is important for features such as Conditional access, which you can bypass if using legacy auth. Thus many organizations are interested in being able to block such apps. It's the analog of the -LegacyAuthProtocolsEnabled setting for Set-SPOTenant.