Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
To ensure users sync OneDrive files only on managed computers, you can configure OneDrive to sync only on PCs that are joined to specific domains.
To allow syncing only on PCs joined to specific domains
Note
These settings apply to SharePoint sites and OneDrive. In a multi-geo environment, this setting can be configured separately for each geo ___location to apply to users with that preferred data ___location.
Go to Settings in the SharePoint admin center{:target="_blank"}, and sign in with an account that has admin permissions for your organization.
Note
If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.
Select Sync.
Select the Allow syncing only on computers joined to specific domains check box.
Add the GUID of each ___domain for the member computers that you want to be able to sync.
Note
Make sure to add the ___domain GUID of the computer ___domain membership. If users are in a separate ___domain, the only requirement is adding the ___domain GUID the computer account is joined to.
Important
This setting is only applicable to Active Directory domains. It doesn't apply to Microsoft Entra domains. If you have devices that are only Microsoft Entra joined, consider using a Conditional Access Policy instead. For details, see Enable conditional access support in the OneDrive sync app.
Select Save.
For info about setting this sync app restriction by using PowerShell, see Set-SPOTenantSyncClientRestriction.
For information about blocking or limiting access to SharePoint and OneDrive content from unmanaged devices, see SharePoint and OneDrive unmanaged device access controls for administrators.