Outlook restrictions on O365


Is there any way to enforce web-based outlook restrictions (no uploads, for instance) with O365 one-click enabled for any domains (i.e those not necessarily owned by the client)?


Perhaps somebody knows more details, but since you had not received any response, here are my two cents.

Not sure if the outlook client uses IMAPS and SMTPS for transferring data exclusively.
But you can overrule the default One Click behavior for Outlook and Outlook (personal) in Application control. This should impact the Web access part. Again not sure if the regular outlook uses IMAP/SMTP or also uses HTTPS for communication.

At least you would be able to add identity and location based policies that could change the behavior of the Outlook Web application.

Thanks, Marco. The restrictions work fine now. There was some caching going on of certificates so when I disabled one-click, it wasn’t actually taking effect. After properly dropping the bypass, Webmail → Outlook under cloud app control can successfully manage what it’s supposed to.