Apr 07 2020 03:37 AM
Hi
We are running conditional access with app enforced restrictions set in both Exchange online and SharePoint. and provide access via OWA
Our settings are set to
Exchange online CA Policy - read only
Sharepoint from unmanaged devices , web access- only
These work well and prevent saving of attachments to personal devices and the save location is limited to One Drive.
The issue we have is that when a user attempts to attach a file from an unmanaged device, they are getting an error "The following couldn't be attached xxxxx.doc. Please try again later.
Does anyone know if this is a limitation of applying conditional access or do we have a potential issue.
Thanks
Apr 30 2020 02:00 AM
@Kanoni40 What type of device are you testing on?
I'd like to understand the full case here. Is the behaviour the same for Windows, macOS, iOS and Android? Thanks!
May 04 2020 02:16 AM
Hi Thanks for getting back
Mobile devices are fine as we use MAM app protection policies to secure these devices and this allows for the attachment of files.
On Windows and Macos devices, we restrict access to browser only via conditional access and use "Use App enforced restrictions" In the session control for both Exchange and SharePoint.
SharePoint is set to limited, web access only, so no files can be download synched or printed from an unmanaged device.
Exchange is set to read only with attachments.
When attempting to attach a file from OWA you can browse to any location and select a file. From a local drive this is fine, but from a web resource such as One Drive or SharePoint, the file looks to attach in the normal way, then an error appears stating your organisation does not allow this.
I really want to know if this is expected behaviour or a potential issue with our configuration.
Interestingly with these policies in place the "Move To" option from SharePoint and One Drive is also removed.
Oct 11 2024 06:04 AM