cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block file download in O365 for non intune compliant device

Alex_Tsang0107
Copper Contributor

‎Oct 15 2020 07:15 AM - edited ‎Oct 15 2020 07:18 AM

‎Oct 15 2020 07:15 AM - edited ‎Oct 15 2020 07:18 AM

Block file download in O365 for non intune compliant device

Hi all

 

I would like to block some users from download attachment in the non intune compliant device, so I first configured a conditional policy with custom session policy for all browser traffic to MCAS. Then I configured a session policy to find device tag does not equal intune compliant to block the file download.

 

Alex_Tsang0107_0-1602771007024.png

 

Then when I test to download attachment in O365 with Edge browser ina Win 10 and Android which is intune enrolled, but the user agent tag has only Azure AD joined, not intune compliant (but I checked the device is compliant in endpoint manager). So may I know any one tried this setup?

 

Best regards

 

Alex Tsang

 

1,389 Views
0 Likes
1 Reply
Reply
1 Reply
Sarahzin_Shane

‎Oct 23 2020 04:08 PM

‎Oct 23 2020 04:08 PM

Re: Block file download in O365 for non intune compliant device

@Alex_Tsang0107 

 

Hi Alex,

 

Unfortunately, session policies only work for Browser and in this case, the Android would not get this session policy. Are you saying that the Android is popping up as AAD joined instead of Intune compliant? Lastly, for the Browser, is that working?

 

Thank you!

 

Sarahzin

0 Likes
Reply