Limit onedrive to only sync to computers in the domain, add exceptions

Copper Contributor

After using Set-SPOTenantPointSyncRestrictLimitedRestrict -Enable -Domain Guids to restrict onedrive to computers in the domain only, add an exception whitelist for individual computers to allow synchronization, exception rules can be for accounts, or for computers, or any other exception, for IP IP

4 Replies

There's no such thing as exceptions, only machines joined to the domain(s) you specify will be allowed.

@Vasil Michev 

Well, thank you for your reply, there are companies to provide mac machine, there are employees private mac machine, how to prevent private mac machine sync onedrive for business information, allow the company's mac machine synchronization

Mac machines are not affected by default, as explained in the documentation:


You need to specify additional switch if you want to block them, otherwise they can still connect regardless of any domain restrictions.

@Vasil Michev 
Do you know a way to add exceptions or bypass this for Azure AD Joined devices.
A customer is currently switchting his clients from his old domains to a single new one and is using autopilot deployment with only azure ad join (not hybrid joined) and therefore the clients are getting blocked (since they are in a workgroup).
I know we could technically go and hybrid join them with domain join configuration profile, but that is not the intended way to go.