In this post, we’ll see how we can migrate known folders to OneDrive and sync a SharePoint Team site’s library to OneDrive.

If you want to sync SharePoint library, check previous post to copy the SharePoint library ID.

If you do not want to sync SharePoint library, do not follow the SharePoint related configuration.

Existing setup done:

  1. Two Local users created
  2. Azure AD Connect configured
  3. Seamless Single Sign-On (IE) configured
  4. Seamless Single Sign-On (Firefox) configured
  5. Hybrid Azure AD Join configured
  6. Intune enrollment – Domain Joined Windows 10 devices
  7. Azure AD Join
  8. Office 365 Pro Plus Application
  9. Sample SharePoint Team Site

Existing setup:

  1. SkyDC: Machine with ADDS, DNS, DHCP role
  2. SkyCON: Machine where we will install Azure AD Connect
  3. SkyCM: Machine with Configuration Manager Current Branch
  4. SkyTEN1: Domain Joined Windows 10 machine
  5. SkyTEN2: Domain Joined Windows 10 machine
  6. SkyTEN3i: Domain Joined Windows 10 machine (Intune Managed)
  7. SkyTEN4i: Domain Joined Windows 10 machine (Intune Managed)
  8. SkyTEN5i: Azure AD Joined Windows 10 (Intune Managed)
  9. SkyTEN6i: Azure AD Joined Windows 10 (Intune Managed)

There are two methods, PowerShell method and ADMX Profile method. You can choose any method you want.

Copy the Tenant ID which we’ll use in our configuration:

Login to Azure Portal.

Navigate to Azure Active Directory and click on Properties. Copy the Directory ID.

Method 1:

Create a PowerShell script to automatically configure OneDrive. You can read more at: https://docs.microsoft.com/en-us/onedrive/use-group-policy

Replace the value of $tenantID in the script with Directory ID you copied earlier.

Name it appropriately. I have named it as OneDrive-AutoConf.ps1.

<#
Settings are configured using article: https://docs.microsoft.com/en-us/onedrive/use-group-policy
#>

$tenantID = “11111111-2222-3333-4444-555555555555”
$OneDriveRegistryPath = “HKLM:\SOFTWARE\Policies\Microsoft\OneDrive”

#Silently sign in users to the OneDrive sync client with their Windows credentials
$Name = “SilentAccountConfig”
$value = “1”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}

#Use OneDrive Files On-Demand
$Name = “FilesOnDemandEnabled”
$value = “1”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}

#Known Folder Migration

#Prevent users from moving their Windows known folders to OneDrive
$Name = “KFMBlockOptIn”
$value = “1”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}

#Silently move Windows known folders to OneDrive
$Name = “KFMSilentOptIn”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $tenantID -PropertyType String -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $tenantID -PropertyType String -Force | Out-Null
}

#Silently move Windows known folders to OneDrive. Display notification when successfully done
$Name = “KFMSilentOptInWithNotification”
$value = “0”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}

#Prevent users from redirecting their Windows known folders to their PC
$Name = “KFMBlockOptOut”
$value = “1”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
}

Create a PowerShell script to automatically configure OneDrive to sync SharePoint site library. You can read more at: https://docs.microsoft.com/en-us/onedrive/use-group-policy

Replace the value of $LibraryName with the name of the SharePoint Site Library name.

Replace the value of $LibraryID with the library ID of the SharePoint Site Library (check previous post)

Name it appropriately. I have named it as OneDrive-AutoConfSharePoint.ps1.

#Configure team site libraries to sync automatically

$OneDriveRegistryPath = “HKCU:\SOFTWARE\Policies\Microsoft\OneDrive\TenantAutoMount”

#Silently sign in users to the OneDrive sync client with their Windows credentials
$LibraryName = “SharePoint_Library_Name”
$LibraryID = “LibraryID_from_SharePoint_Site_Sync”
If(!(Test-Path $OneDriveRegistryPath))
{
New-Item -Path $OneDriveRegistryPath -Force | Out-Null
New-ItemProperty -Path $OneDriveRegistryPath -Name $LibraryName -Value $LibraryID -PropertyType STRING -Force | Out-Null
}
Else
{
New-ItemProperty -Path $OneDriveRegistryPath -Name $LibraryName -Value $LibraryID -PropertyType STRING -Force | Out-Null
}

Add PowerShell scripts to Intune:

Navigate to Intune -> Device configuration -> PowerShell scripts. Click on +Add.

In Name, provide name of the script. I have given OneDrive Auto Conf. Click Next.

Click on the folder icon to browse for the script.

Select the OneDrive-AutoConf.ps1 script and click Next.

Click on +Select groups to include.

In the Select box, search for office.

Click on the Office 365 Users AAD group (created earlier while deploying Office 365 Pro Plus) and click Select.

Click Next.

Click Add.

In the PowerShell scripts window, click on +Add again.

In Name, provide name of the script. I have given OneDrive Auto Configuration – SharePoint Library. Click Next.

Click on the folder icon to browse for the script.

Select the OneDrive-AutoConfSharePoint.ps1 script.

In Run this script using the logged on credentials, select Yes.

Click Next.

Click on +Select groups to include.

In the Select box, search for office.

Click on the Office 365 Users AAD group (created earlier while deploying Office 365 Pro Plus) and click Select.

Click Next.

Click Add.

You can see both the scripts.

In Client machine:

Sync the policy

Once the script is deployed, you can see that the known folders are now synced with OneDrive for Business. Log off and log in again.

After some time you will see that SharePoint site library is also synced.

Method 2:

As we have deployed Office 365 Pro Plus and the scripts to all the devices. To test method 2, we will create 2 cloud users. We will also create 2 Azure AD joined Windows 10 machines logged in using the created cloud users.

Create Cloud users for method 2:

You can see, I have created two cloud users, CU01 and CU02.

Created one more group Office 365 Users 2 – AAD and added the above created users.

Created 2 more Windows 10 machines and join them to Azure AD using above user IDs.

Created two Windows 10 devices, SkyTEN7i and SkyTEN8i. Joined them to Azure AD.

Deploy the Office 365 Application to above group.

Navigate to Intune -> Client apps -> Apps. Click on the Office 365 Pro Plus application.

Navigate to Assignments and click on Add group.

In Assignment type select Required.

Click on Included Groups.

Click on Select groups to include.

In search box, type office, select Office 365 Users 2 – AAD. Click Select.

Click OK.

Click OK.

Click Save.

Create Windows 10 ADMX Profile policy.

Navigate to Intune -> Device configuration -> Profiles. Click on +Create profile.

Enter profile name and description. I have entered:

Name: Win 10 ADMX Profile

Description: Windows 10 admx profile for OneDrive

In Platform, select Windows 10 and later.

In Profile type, select Administrative Templates.

Click Create.

Navigate to Settings. Search for OneDrive.

Click on Silently sign in users to the OneDrive sync client with their Windows credentials and select Enabled. Click OK.

Click on Use OneDrive Files On-Demand and select Enabled. Click OK.

Click on Prevent users from moving their Windows known folders to OneDrive and select Enabled. Click OK.

Click on Silently move Windows known folders to OneDrive and select Enabled.

In Tenant ID, enter Directory ID.

In Show notification to users after folders have been redirected, select No.

Click OK.

Click on Prevent users from redirecting their Windows known folders to their PC and select Enabled. Click OK.

Click on Configure team site libraries to sync automatically and select Enabled.

Under Libraries, in Name, enter your SharePoint Library Name.

Under Libraries, in Value, enter your SharePoint Library ID (check previous post).

Click OK.

Navigate to Assignments. Click on Select groups to include.

Search for office and select the new group Office 365 Users 2 -AAD. Click on Select.

Click Save.

In Client Machine:

Sync the policy

Once the script is deployed, you can see that the known folders are now synced with OneDrive for Business. Log off and log in again.

After some time you will see that SharePoint site library is also synced.

Leave a comment

Your email address will not be published. Required fields are marked *