Forum Discussion
Block OneDrive sync on non-domain joined devices
It's simply not supported for AADJ devices, as mentioned for example here: https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenantsyncclientrestriction?view=sharepoint-ps
Either remove the restrictions altogether or tell those users to stop bothering you 🙂
It's simply not supported for AADJ devices, as mentioned for example here: https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenantsyncclientrestriction?view=sharepoint-ps
Either remove the restrictions altogether or tell those users to stop bothering you 🙂
Thanks for the feedback VasilMichev , I was afraid this might be the case 🙂
If I would get all on-prem AD joined devices from the different forests in an HAAJ state, could I then use a CA policy scoped on OneDrive/SharePoint and 'modern apps' to block sync except for HAAJ or compliant devices?
I know you can remove the sync and/or download button from the web experiece using CA but not sure if you can actually block sync altogether (i.e. when launching onedrive.exe and logging in).
I just want to make sure nobody syncs onedrive/sharepoint data onto an unmanaged device.
That should work. You can also configure IP-based restrictions, either via CA policy or directly from the OneDrive admin center.
