Allow syncing only on computers joined to specific domains
To make sure that users sync OneDrive files only on managed computers, you can configure OneDrive to sync only on PCs that are joined to specific domains.
To allow syncing only on PCs joined to specific domains
These settings apply to SharePoint sites as well as OneDrive. In a multi-geo environment, this setting can be configured separately for each geo location to apply to users with that preferred data location.
If you have Office 365 Germany, sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.
If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.
Select the Allow syncing only on computers joined to specific domains check box.
Add the GUID of each domain for the member computers that you want to be able to sync.
Make sure to add the domain GUID of the computer domain membership. If users are in a separate domain, only the domain GUID that the computer account is joined to is required.
This setting is only applicable to Active Directory domains. It does not apply to Azure AD domains. If you have devices which are only Azure AD joined, consider using a Conditional Access Policy instead.
For info about setting this sync app restriction by using PowerShell, see Set-SPOTenantSyncClientRestriction.