It’s been a little while since my last Keep it Simple with Intune post, apologies for this but I hope to get back on track with some new posts over the coming months.
Keep it Simple with Intune – #6 is all about configuring OneDrive on your Windows 10 Intune managed devices.
Setting up OneDrive and Known Folder Redirection is a doddle. All that is needed is to set up the OneDrive policies you require and assign to your devices. After a sync, your configuration will be available and assigned.
Here’s a run through with some of the settings you might like to consider – other settings are also available.
In the Azure Portal
In the Azure Portal, navigate to Microsoft Intune\Device configuration\Profiles and click Create Profile.
Enter a Name, appropriate Description. Select Windows 10 and later as the Platform.
From the Profile type drop down, choose Administrative Templates and click Create.
At this stage, you will be presented with all the possible settings which you can apply to your devices.
Click the All products drop down and choose Office and you can then filter for the OneDrive settings.
Here’s a selection of the settings I have applied to my devices, as a starter for your OneDrive policies.
Allow syncing OneDrive accounts for only specific organizations – enabled and the tenant ID needs to be entered
Limit the sync client upload rate to a percentage of throughput – this has been enabled with the default bandwidth value of 70.
Prevent users from changing the location of their OneDrive folder – this has been enabled. The tenant ID needs to be entered here, also, and a value of 1 set to enable this.
Prevent users from syncing libraries and folders shared from other organizations – this has been enabled.
Prevent users from syncing personal OneDrive accounts – enabled
Silently move Windows known folders to OneDrive – this has been enabled. This is the setting which will redirect Desktop, Documents and Pictures into the OneDrive space. Again, you need to enter the tenant ID. You can also set notification for end users so they are aware that the locations have been reassigned to OneDrive, or make this a silent action.
Silently sign in users to the OneDrive sync client with their Windows credentials – enabled.
Use OneDrive Files On-Demand – enabled
With the settings defined, the next step is to assign them to a set of devices. This is easily achieved by clicking the Assignments link and selecting a Group to add
Finally, in the Portal, you can click the Setting link, select Office from the dropdown, and you can view the Enabled settings.
On the endpoints
With the settings defined, the devices will pick up the changes, but we can force through a sync to speed things up. In the Settings app, click Accounts\Access work or school, then click the Connected to “NAME” Azure AD and select Info. Scroll to Device sync status and click the Sync button.
After the sync completes, the OneDrive policies will appear in the list of applied policies.
After a restart of the machine, the OneDrive application kicked in and pop up notifications appeared to notify the end user of the changes taking place. Note the Your IT department backed up your folders notification which is confirmation of the known folder redirection taking place.
and that is as tricky as it gets. Nice and simple.
Take a look at the other blog posts in the series:
- #1 Enable password reset for users
- #2 Push out your customised Start Menu
- #3 Disk Encryption
- #4 Deploying a Win32 app
- #5 Intune session from Charlotte Systems Management User Group