Conditional Access On OneDrive File Access Blocks Teams Chat
We put a OneDrive Condtional Access Policy in place to restrict download of files from Sharepoint/OneDrive from unmanaged devices. Since the Teams file system is built on top of Sharepoint, this policy should therefore affect Teams and it does. The problem, however, is it affects Teams at the front door of access. Teams is not just a file repository and file download tool...in fact its easy to argue that isn't even a top 3 use case. Blocking access at the front door restricts unmanaged users from engaging in simple things like Chat, Conversations, Screensharing, Teams meetings, etc. The intent of the conditional access policy is only to block files, not block all these things. It would be much better if the policy did not kill things at the front door, but instead killed access when the Files tab was used.
Sjoerd Derks commented
I can't use the Teams app (tested on Windows). When CA is applied for sharepoint. (block unkown system)
But we wan't to use the Chat and Call funtions on Unkown systems.
It seems this item was the solve for Conditional Access...
My supposition is that the solve was done wrong. It should not block us at the front door, but should instead do its blocking on the Files tab within Teams.