How to block the Outlook desktop application using Windows Information Protection WIP

Brass Contributor

Hi All,


We need to block a group of users from using the Outlook desktop application. We want them to only access company emails using the Internet browser version of Outlook.


I have tried to achieve this by using an Azure Conditional Access policy (with Office 365 Exchange Online). The problem is using Azure Conditional will also effect MS Teams and Skype for Business as explained on


My question is, is there another way we can block the Outlook desktop application using another Intune feature like Windows Information Protection (WIP)?



1 Reply

If you want to block them from accessing Outlook on *any* location, use the Set-CasMailbox cmdlet:


Get-CASMailbox -MAPIEnabled $false


If you want to block it from outside of the corporate network only, Conditional Access or AD FS claims rules are your only options.