|Service||Microsoft Docs article||Related commit history on GitHub||Change details|
|SharePoint||Block Download From Sites||https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/block-download-from-sites.md|| +
+ Title: Block the download of files from a SharePoint site or OneDrive (preview)++++
+description: Learn how administrators can block download of files from a SharePoint and OneDrive without using conditional access policies.++
+# Block the download of files from a SharePoint site or OneDrive (preview)+
+As a SharePoint Administrator or Global Administrator in Microsoft 365, you can block download of files from SharePoint sites or OneDrive. This feature does not need Azure Active Directory conditional access policies. This feature can be set for individual sites and cannot be set at the organization level.+
+Blocking download of files allows users to remain productive while addressing the risk of accidental data loss. Users have browser-only access with no ability to download, print, or sync files. They also won't be able to access content through apps, including the Microsoft Office desktop apps. When web access is limited, users will see this message at the top of sites, "Your organization doesn't allow you to download, print, or sync from this site. For help contact your It department."+
+## How to set this policy for a SharePoint site+
+1. To use PowerShell: [Download the latest SharePoint Online Management Shell](https://go.microsoft.com/fwlink/p/?LinkId=255251).+
+ > [!NOTE]
+ > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell."
+2. Connect to SharePoint as a [Global Administrator or SharePoint Administrator](./sharepoint-admin-role.md) in Microsoft 365. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).+
+3. Run the following command.+
+ Set-SPOSite -Identity <SiteURL> -BlockDownloadPolicy $true
+ For example, `Set-SPOSite -Identity https://contoso.sharepoint.com/sites/research -BlockDownloadPolicy $true`+
+## Exempting users and groups from the policy+
+ The following parameters can be used with this cmdlet to fine tune it.+
+ `-ExcludeBlockDownloadPolicySiteOwners $true` Exempts site owners from this policy and they can fully download any content for the site.+
+ `-ExcludedBlockDownloadGroupIds <comma separated group ids>` Exempts users from the mentioned groups from this policy and they can fully download any content for the site.+
+## App impact+
+Blocking download may impact the user experience in some apps, including some Office apps. We recommend that you turn the policy on for some users and test the experience with the apps used in your organization. In Office, make sure to check the behavior in Power Apps and Power Automate when your policy is on.+
+> Apps that run in "app-only" mode in the service, like antivirus apps and search crawlers, are exempted from the policy.
+> If you're using classic SharePoint site templates, site images may not render correctly. This is because the policy prevents the original image files from being downloaded to the browser.+
+## Need more help?+
+## Related topics+
+[SharePoint and OneDrive unmanaged device access controls for administrators](/sharepoint/control-access-from-unmanaged-devices).+
+[Policy recommendations for securing SharePoint sites and files](/microsoft-365/enterprise/sharepoint-file-access-policies)+
+[Control access to SharePoint and OneDrive data based on defined network locations](control-access-based-on-network-location.md)
|SharePoint||Manage Loop Components||https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/manage-loop-components.md|| Title: "Manage Loop components in SharePoint"-+
Loop experiences on Microsoft 365 OneDrive or SharePoint are backed by .fluid fi## Loop service requirements
-Loop's near real-time communications are enabled by the core services that run a WebSocket server. Coauthors in the same session need to establish secured WebSocket connections to this service to send and receive collaborative data such as changes made by others, live cursors, presence, etc. These experiences are crucial to Loop, and all the scenarios powered by Fluid framework. So at the minimum, WebSocket will need to be unblocked from the user's endpoint.
+Loop's near real-time communications are enabled by the core services that run a WebSocket server. Coauthors in the same session need to establish secured WebSocket connections to this service to send and receive collaborative data such as changes made by others, live cursors, presence, etc. These experiences are crucial to Loop, and all the scenarios powered by Fluid framework. So, at the minimum, WebSocket will need to be unblocked from the user's endpoint.Just like other Microsoft 365 experiences, Loop also leverages core services across SharePoint and Microsoft 365. To effectively enable Loop experiences or OneDrive and SharePoint files-backed experiences powered by Fluid Framework, follow the instructions in [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges) to ensure connections to Loop services. ## Settings management
-You'll need the latest version of SharePoint PowerShell module to enable or disable all Fluid Experiences across your Microsoft 365 organization. Microsoft Fluid Framework defaults to ON for all organizations. Because Loop components are designed for collaboration, the components are always shared as editable by others, even if your organization is set to default to view-only for other file types. See the Learn more link next to the setting for more details.
+You'll need the latest version of SharePoint PowerShell module to enable or disable all Loop (powered by the Fluid Framework) experiences across your Microsoft 365 organization. Microsoft Fluid Framework defaults to ON for all organizations. Because Loop components are designed for collaboration, the components are always shared as editable by others, even if your organization is set to default to view-only for other file types. See the Learn more link next to the setting for more details.|Experience|SharePoint organization properties|Notes| ||-||
-|Loop components in Teams and Outlook|`IsLoopEnabled` (boolean)|This property controls Loop experiences across the Microsoft 365 experience.|
+|Loop components in Teams and Outlook|`IsLoopEnabled` (boolean)|This property controls Loop experiences across the Microsoft 365 experience, except for Outlook - see below.||Microsoft Whiteboard on OneDrive|`IsWBFluidEnabled` (boolean)|This property controls Microsoft Whiteboard on OneDrive.| |Microsoft OneNote collaborative Meeting notes|`IsCollabMeetingNotesFluidEnabled` (boolean)|This property controls Microsoft OneNote collaborative Meeting notes.| |**All Microsoft 365 experiences** powered by Fluid Framework.|`IsFluidEnabled` (boolean)|This core property controls all other experiences powered by Fluid Framework. Setting it to `False` will effectively disable all experiences (everything in this table) in the organization powered by Fluid Framework. **Do not use after May - this setting will be deprecated later this year.**|
The feature will be available on Teams Windows Desktop, Mac, iOS, Android, and wTo disable Loop components, run `Set-SPOTenant -IsLoopEnabled $false`. The change will take a short time to apply across your organization.
+## Settings management for Outlook+
+Microsoft is migrating to Cloud Policy as the mechanism to control Loop experiences. This will be phased in over time, so set both the above SharePoint setting `IsLoopEnabled` and the Cloud Policy settings in this section to control all Loop integrations.+
+Outlook integration will stop checking the `IsLoopEnabled` setting in late 2022.+
+Outlook integration will begin checking only these Cloud Policy settings in late 2022:+
+* Create and view Loop files in Microsoft apps that support Loop
+* Create and view Loop files in Outlook+
+See the [Cloud Policy](/deployoffice/admincenter/overview-cloud-policy) setting templates for the settings above for more information.+ ## eDiscovery Loop components, Whiteboard on OneDrive, and OneNote collaborative Meeting Notes are discoverable but have limited eDiscovery workflow support. Currently, these files are stored in the creator's OneDrive for Business and are available for search and collection in both eDiscovery (Standard) and eDiscovery (Premium). However, they do not render in preview and the export format for review is not consumable by existing tools. To view the exported content, upload them to any OneDrive for Business.