Hi there! Welcome to my blog. My name is Ivan. I am a Dutch IT Professional working as Principal IT Consultant. Working on Windows 10 migration project and there is a need to enable automatic sign in of OneDrive for Business client when new user profile has been created. Windows 1709 image is golden installation image that will be used for global deployment. In the past months I have been working on different parts and with Windows 10 1709 the OneDrive client is now fully integrated into the profile.
The challenge I have is to do more automatic configuration. Speed up the profile creation process for smooth and less IT effort to deliver the computer to the end user.
Thanks to Adam Fowler from his post https://www.adamfowlerit.com/2018/02/onedrive-business-auto-sign-windows-10/ I was able to complete the remaining part on my end. The perquisites to have my script are working:
- ADFS infrastructure
- AD internal UPN same as in the cloud
- Office 365 licenses enabled
I have done my homework, ADFS is in place, UPN is fixed, license for O365 enabled so now I only need a script sequence to run some commands to automatically do that. One important settings is from Computer Configuration GPO policy to enable "Silently configure OneDrive using the primary Windows account". This was for me in place before but was missing the part below to really run the setup and make sure modern authentication was enabled for OneDrive within the user profile (HKEY_CURRENT_USER)
Create new CMD file below and make sure it added to RunOnce
- I am using SCCM task sequence to add this to the default profile registers and place the CMD locally on the computer
- This file can also be executed manually or through logon script
OneDrive-Configuration.cmd
%localappdata%\Microsoft\OneDrive\Update\OneDriveSetup.exe taskkill /f /im OneDrive.exe reg add HKCU\Software\Microsoft\OneDrive /v EnableADAL /t REG_DWORD /d 1 /f "%localappdata%\Microsoft\OneDrive\OneDrive.exe"
Setup starts to initialize OneDrive for the user, kills the current OneDrive.exe process, sets the ADAL for modern authentication and starts OneDrive again.
Final end result :). OneDrive is configured and synced.
Rob
This is a nice solution but I just descovered a giant problem with this solution for Shared devices.
Every other user than the primary user gets the OneDrive of the Primary user of the device connected. This, as you can imagine, is a major issue.
So for shared devices this is something to think about when you configure this option.
Ps.: the option is now also available from the Administrative Templates (preview)
Darell
Now I am going to do my breakfast, after having my breakfast coming over aain to
read more news.
ignition poker bonus
An impressive share! I have just forwarded this onto a friend who waas conducting a little homework on this.
And hee actually ordered me lunch becuse
I found it for him… lol. So allow me to reword this….
Thanks for the meal!! But yeah,thanx for
spending the time to talk about thhis subject here on your blog.
aj
thanks for the post,
I tried the same exact method and itdidnt work for me.
does it need to be azure Ad?
ours is onprem.
any suggestion?
Regards