Forum Discussion
Solved
Stop downloads on unmanaged devices - conditional access
Hi all,
I want to set a block policy on downloads from sharepoint and onedrive for unmanaged devices - personal or not within the tenant.
I dont want to set this policy for all unmanaged but only select few
For anyone who would like to achieve the same I have managed to get it working.
Here is the config I used in conditional access (selecting Sharepoint online for the target resource)
6 Replies
- And how do you plan to differentiate such devices? Generally speaking, Entra/M365 has zero information on such devices, so it will be difficult to target only few of them specifically. If you can come up with a (supported) condition to filter them out, you can configure the corresponding Conditional access policy. If not, it will have to be an "all or nothing" approach, for all unmanaged devices.
- To identify the device can this be done in condition to check if the device is compliant or not?
- Again, how do you plan to identify those "select few" unmanaged devices? You can certainly check whether the device is compliant or not, but this is a simple true/false check, so you will have to come up with some other criteria.
