OneDrive Sync Restrictions for Mac OSX

Copper Contributor

Here's a fun situation, maybe there will be an answer one day so i'll just lay out a senerio.


An enterprise has windows, mac, mobile devices that all need access to onedrive. 

The enterprise admin is directed to not allow onedrive client sync on non domain joined endpoints.

Typically they would configure OneDrive Sync settings to only allow sync on devices joined to a specific domain guid. That allows the domain joined windows clients to use the onedrive client sync app and mobile devices are unaffected because they do not sync, but the mac osx devices that are domain joined cant sync. This is a big problem for the enterprise admin because only the important people use mac's and now they cant use onedrive to work on their files. 


I think this is because the mac osx onedrive client sync app cant communicate that its domain bound properly to the sharepoint admin center to verify that its installed on a approved domain joined mac.  

On a windows device this check seems to be acomplished with a wmi call by the client but hey there's no wmi on a mac...


So the admin turns to conditional access but can not accomplish allowing the mac's onedrive access because they can only use inverse exclusion conditions on the office365 suite of applications (because you cant target the public onedrive app specifically that way) which would knock out employees who use their additional o365 desktop install licensees on their personal home computers causing more screams from hundreds more people. 


At the end of the story this admin would find themselves on the OneDrive blog praying someone from Microsoft notices their unique fictional problem. 


Please help



0 Replies