Block Up/Downloading Specific File Types feature enabled for Azure AD too!
The "OneDrive for Business Deny List of File Types for Sync" feature was just released. This will provide "Administrators the ability to define a list of file types that will be actively blocked from sync functions (upload and download)." This is great and can be achieved by using the Set-SPOTenantSyncClientRestriction cmdlet, however on the description page this cmdlet, it is stated that it is available only if you use on-premise AD: "This capability doesn’t support Microsoft Azure Active Directory (AD) Joined or Workplace Joined devices."
Come on Microsoft, on one hand you say to customers to move everything in the cloud and then you release features that work only with on-prem components, but not cloud ones?
stupid product commented
who cares, it doesnt block uploads to the web, useless.
This can be closed.
After more than 24 hours this functionality started working even without running Set-SPOTenantSyncClientRestriction with -Enable parameter (despite MS Support saying that the functionality is available only with on-prem AD).
However, there still is an issue as this feature was implemented only half way. Blocking desired file types from being uploaded into the cloud storage using the OneDrive Sync client is working fine, but the Set-SPOTenantSyncClientRestriction cmdlet does not apply to uploading files using the Web View and user can upload the files using the browser. MS Support said that the web access to OneDrive cannot be disabled while keeping the sync client enabled. Will provide another feedback for the half solution issue.