Forum Discussion

AB21805's avatar
AB21805
Bronze Contributor
Mar 04, 2024
Solved

Stop downloads on unmanaged devices - conditional access

Hi all, I want to set a block policy on downloads from sharepoint and onedrive for unmanaged devices - personal or not within the tenant.    I dont want to set this policy for all unmanaged but on...
admin
App
Document Library
files
mobile
onedrive
PowerShell
Responsive
security
SharePoint Online
  • AB21805's avatar
    AB21805
    Mar 05, 2024

    For anyone who would like to achieve the same I have managed to get it working.

     

    Here is the config I used in conditional access (selecting Sharepoint online for the target resource)

     

VasilMichev's avatar
VasilMichev
MVP
Mar 04, 2024
And how do you plan to differentiate such devices? Generally speaking, Entra/M365 has zero information on such devices, so it will be difficult to target only few of them specifically. If you can come up with a (supported) condition to filter them out, you can configure the corresponding Conditional access policy. If not, it will have to be an "all or nothing" approach, for all unmanaged devices.