Implementing OneDrive On A Per User Basis (Not Computer Basis)
- Silently move Windows known folders to OneDrive
- Silently sign in users to the OneDrive sync app with their Windows credentials
A Use Case
- Hybrid Azure AD Joined and Intune Managed Laptops
- Documents and Pictures folder set-up using Network Folder Redirection to point to a UNC Path e.g. \\servername\%username%\documents
- OneDrive was signed in, but KFM disabled
- If you have line of sight to your UNC path at the point of login, OneDrive KFM will attempt to move your files from your network folder and to your local OneDrive folder. It will then start syncing those to your OneDrive folder. So it's downloading your files locally first, and then uploading them to OneDrive. Incidentally this can cause concern as the files appear deleted from the network drive, and depending on the amount of files you have and network connection, the download of the files can take a long time to complete, and then you have the upload to OneDrive.
- If you have NO line of sight to your UNC path, OneDrive will still implement KFM, but because it's unable to move your files, your Desktop and Documents and Pictures will not include any of the files from your network folder. So KFM would be implemented, but your files remain in your network location.
- Remove network folder redirection for a users Documents and Pictures folders
- Set the Desktop, Documents and Pictures folder paths to the users OneDrive path
- Toast notification that the files are now stored in OneDrive
- Check whether the paths for Documents, Pictures point to a UNC path (if they don't the script will not continue). You can include the Desktop in the script if you wish.
- Sets the Documents and Pictures folder to point to the OneDrive path using Shell32 (meaning no need to logoff and logon for the change to be reflected in file explorer.
- Records the registry values of the Desktop, Documents and Pictures folders before and after
- Attempts to upload a log of the before and after, along with a PowerShell transcript file to a network location.
- Displays a Toast Notification that the change has been completed.
- Creates a tag/detection file so that Intune can detect that the package has completed.
Prep and Packaging in Intune
- Navigate to the Declarations section of the script and modify the values for your log file name and upload location
- Amend the Toast Notification text at the bottom of the Execution section of the script
- Amend the PNG that is displayed as part of the toast notification
- Package the amended script using IntuneWinAppUtil.exe - you can see an example MakeApp.cmd for that
- Create the Win32 App in Intune and set the values using the file IntuneDetails.txt