In the previous post, we configured AzureAD Single Sign-On, Following on the same theme in this blog post we will cover the two options for configuring OneDrive Folder Redirection, Using the Options of Group Policy Based Configuration and InTune Configured Redirection. The Basis being prepping your AD Environment for moving from On-Premis AD Authentication to AzureAD Management and InTune Policies.
Configuring OneDrive Redirection – On-Premise
For further information from the Microsoft support article [Here]
First, We will need to download the latest OneDrive Release to obtain the ADMX Templates [Here]
If you already have the latest release of the OneDrive Client installed you can copy the ADM Files from either C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0008\adm or %localappdata%\Microsoft\OneDrive\$BuildVersion\adm
NOTE: If you can’t find the ADMX and ADML Files, I’ve uploaded a copy to the HypervLAB GitHub Repository
Once the folder has been located we need to copy the OneDrive.adml and admx files to the PolicyDefinitions Folder.
\\ad.hypervlab.co.uk\SYSVOL\ad.hypervlab.co.uk\Policies\PolicyDefinitions.
Drop the ADMX file into the root of the PolicyDefinitions Folder and the ADML file under the en-US Folder.
Next, we can create a new GPO Object, My personal preference when building out GPO’s is to have a lot with little in as it makes it’s easier for diagnosis if you have an issue.
Now we need to link the new GPO to the Computers OU.
Select the GPO Policy we created a few moments ago.
Configuring the Group Policy Object
The first configuration change we will want to make is to enable “Silently sign in users to the OneDrive Sync app”.
From the Group Policy Management Editor Navigate to: Computer Configuration > Policies > Administrator Templates > OneDrive.
Double Click on the Policy Settings and Select “Enable”
Next, to save space we will enable “Use OneDrive Files On-Demand” For more information about Files On-Demand have a read of the Microsoft support article [Here]
Finally we want to enable “Silently move Windows known Folders to OneDrive”.
To Configure this policy object we will need to obtain the AzureAD Tennant ID from [aad.portal.azure.com]
Once the policy has been configured, Reboot your Reference Computer and watch the documents move from the local machine to OneDrive.
