Sep 08 2020 11:51 PM
is it possible to apply conditional access control on a device with one drive app? if a user is using one drive app and the device is not managed, block downloads.
Sep 09 2020 12:05 AM
@esnecho991 You need to apply app protection policies with condition access to enable DLP in unmanaged devices.
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy
Sep 10 2020 12:33 AM
@Swaminathan_Arumugam that requires intunes on my devices.
how about my user's laptop and mobile pads.
Sep 10 2020 12:47 AM
Sep 10 2020 12:51 AM
@Swaminathan_Arumugam thanks. is there any limitation on the platform where intunes can installed ?
We have servers, Desktop, and Linux machines. how to address that?
Sep 10 2020 12:55 AM
@esnecho991 To achieve this you need to implement CASB
Sep 12 2020 04:55 AM
Are the other devices in your environment hybrid azure ad joined? If you have it, you can create a conditional access rule "Block Unmanaged Device File Downloads".
Users and groups: All users
Cloud App: Office 365 SharePoint Online
Conditions:
- Client Apps: Mobile Apps and desktop clients
- Device state: Configure YES, Include: All device state, Exclude: Device Hybrid Azure AD joined
Access Controls: Block Access