We need to keep our users from downloading mail to non managed computers. Our users will need to login using ADFS to access Exchange Online. We are looking for a way of restricting users to not be able to authenticate using ADFS from non domain joined PCs while still allowing them to authenticate from mobile devices. Is this possible?

Hi Mark, you should look into rollup update 2 for ADFS 2.0. Microsoft added that as feature in ADFS RU1. Limiting Access to Office 365 Services Based on the Location of the Client - http://technet.microsoft.com/en-us/library/hh526961(WS.10).aspx RU2 - http://support.microsoft.com/kb/2681584 Good luck! Lutz