cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Controlling access to SPO sites from unmanaged devices

stromnessian
Brass Contributor

‎Feb 16 2022 01:23 PM

‎Feb 16 2022 01:23 PM

Controlling access to SPO sites from unmanaged devices

Hi

 

I've been testing access to SPO sites from unmanaged devices (ref: Control access from unmanaged devices - SharePoint in Microsoft 365 | Microsoft Docs), both for the entire tenant and also individual sites.  Something I noticed was that even with the automatically generated conditional access policies disabled, the restrictions still applied, which came as a surprise to me.  I subsequently deleted the policies and tested again, toggling between AllowLimitedAccess and AllowFullAccess for an individual site, and found that the restrictions applied when set to AllowLimitedAccess.  My understanding was that CA policies were needed for this to work, but I must have been mistaken.  Could someone enlighten me?  Thanks in advance!

1,935 Views
0 Likes
4 Replies
Reply
4 Replies
Andres Gorzelany

‎Feb 16 2022 01:59 PM

‎Feb 16 2022 01:59 PM

Re: Controlling access to SPO sites from unmanaged devices

Hello!
How much time do you let pass since you disabled the CA and tested for restrictions? Because it can take a considerable time for the changes to take effect, at least, on my past tests.

I do not remember if limiting an individual site creates CA policies, have to check on my tenant
0 Likes
Reply
stromnessian

‎Feb 16 2022 02:11 PM

‎Feb 16 2022 02:11 PM

Re: Controlling access to SPO sites from unmanaged devices

Hi Andres

Thanks for your reply. One was set to Off and the other to Report Only weeks ago. I just deleted them today. I’m going to do some more testing…
0 Likes
Reply
Andres Gorzelany

‎Feb 17 2022 05:06 AM

‎Feb 17 2022 05:06 AM

Re: Controlling access to SPO sites from unmanaged devices

Ok let me know how it goes!
0 Likes
Reply
Sruthyy

‎Oct 15 2022 04:13 AM

‎Oct 15 2022 04:13 AM

Re: Controlling access to SPO sites from unmanaged devices

Hi Stromnessian!
I have experienced the same issue when I tested this. Even though, we disable the respective CA policy, the restriction will apply. Try creating a CA policy on your own without modifying the policy created when the unmanaged device restriction was applied. Check out the blog below to know how to create CA policy on your own.
https://blog.admindroid.com/prohibit-unmanaged-devices-accessing-sharepoint-and-onedrive-to-prevent-...
0 Likes
Reply