OneDrive Sync is a Key Component of Office 365
In a previous article I detailed how the OneDrive Sync Client works, explaining some of the improvements Microsoft made to the modern OneDrive Sync Client. The Sync Client is key to providing users with a reliable way to store files in SharePoint Online and OneDrive for Business.
Because of this, it’s important that tenant administrators deploy OneDrive in a way that meets their organization’s requirements. In this article, I explore the administrative options available for deploying and controlling OneDrive Sync Client.
Configuring the OneDrive Sync Client as an Admin
The OneDrive Sync Client is included in all versions of Windows 10 and Windows 11. For older Windows versions and macOS, the software is downloadable from Microsoft. The Sync Client is configured using a series of registry keys on Windows devices. You can push the registry keys to devices manually or by script, but it’s much easier to use Group Policy Objects (GPOs) or Intune Administrative Templates to deploy the desired configuration.
Many organizations still configure devices from Active Directory using GPO. To start controlling OneDrive with GPOs, the OneDrive ADMX templates must be copied from a Windows machine with an up-to-date Sync Client into your Active Directory Central Store. You’ll find the source files at this location:
Once copied, the OneDrive policies are available for both computer and user settings under Policies\Administrative Templates\OneDrive as shown in Figure 1:
For macOS deployments, the Sync Client is managed via a property list (PLIST). Intune and other management tools such as Jamf support deployment of PLISTs to macOS devices. Make sure to read the Microsoft Documentation to keep up with the settings supported for Mac clients.
OneDrive Brings User Profiles to the Cloud
In my previous article on how the OneDrive Client Sync works, I mentioned how Known Folder Move (KFM) adds to the flexibility of the Sync Client. By automatically syncing key folders (Desktop, Documents and Pictures) to OneDrive, solutions like folder redirection can be replaced by the Sync Client. Migrating profiles to OneDrive, (when planned correctly) can improve user experience and lessen the burden on admins.
KFM is easy to configure using Group Policy. The settings to consider for deploying the feature are all available in the ADMX templates, and some key settings to watch out for are listed in Table 1. A full list of the policy settings for the OneDrive Sync Client is available in the Microsoft Documentation.
When configuring KFM, it’s important to consider the limitations of the service as the client will potentially synchronize an unknown number of unknown file types from user workstations. For example, when enabling KFM, you may inadvertently cause PST files to be synchronized from client machines.
PST files should not really be used if you value data governance and compliance, but their use persists in many organizations. Outside of just being bad practice, Microsoft has reduced the retention time for PST versions to 30 days.
Other than PST files, it’s a good idea to set up and communicate which file types you want to block from syncing. This is done in the SharePoint Admin Center under “Settings” -> “Sync” (Figure 2):
When a tenant restriction blocks a file type, users are notified with a pop up from the Sync Client and in the “Sync Issues” list as shown in Figure 3:
Any Sync Client issues are highlighted in this list, so it’s good practice to make sure users know how to identify issues displayed in the client. The OneDrive Sync Health Dashboard covered previously enables administrators to see if users have persistent synchronization problems.
Tackling Common Issues
Anyone working with technology knows nothing is perfect – and the Sync Client is no exception. While OneDrive will do its best to resolve issues, sometimes manual steps need to be taken. The “Sync issues” area of the Sync Client is useful for tracking and resolving issues that occur with synchronization.
Here are some of the common issues to expect when using the Sync Client:
The file or folder already exists in OneDrive
When selectively syncing folders in the Sync Client, this error may occur when you choose not to sync a folder that is present in OneDrive already. To resolve this the folder can be removed from the local machine manually.
Files already exist in this folder
When configuring a OneDrive account for sync, if the local folder already exists and contains files (most likely due to a previous synchronization) this issue will occur. If you are unsure about the files present in this location, select the option to “Use a new location” to choose a new synchronization location. If you are satisfied the existing location is the right synchronization target, select the “Use this location” option.
We couldn’t merge changes in an Office file
When changes are made simultaneously to a file, the Office desktop apps are generally able to handle merging changes using the “Autosave” function. Autosave in the Office desktop apps triggers saving automatically every few seconds to keep files up to date and avoid conflicts. At times, when changes in sections of a document happen simultaneously, when a file is closed abruptly before autosaving completes or when changes are made offline that conflict with online changes, this error may occur.
To resolve this, there are two options as shown in Figure 4. The file can be opened to manually merge changes or to allow “Autosave” to finish complete synchronization. Alternatively, OneDrive can “keep both files” by appending the local computer name to the file name.
You now have two copies of the file “Filename.extension”
When a conflict occurs for non-Office files, the sync client automatically uploads the local file to OneDrive with the computer name as a suffix.
Sync Across Tenants
Many organizations who work closely together share documents using OneDrive across tenant boundaries. The OneDrive “Shared with me” page in the Office 365 portal keeps track of the files you have access to but isn’t the best experience for large sets of files. In these scenarios, it’s possible to add a site, Team or folder to your Sync Client using Azure AD B2B Guest Access. This is called B2B Sync.
For example, if you are added to a Team or SharePoint site as a guest user, you will see the “Sync” option at the top of the page. The external organization is then added to file explorer with its own directory structure containing all the libraries and folders you are syncing as shown in Figure 5:
To remove a tenant from sync, open the Sync Client settings and under the accounts section, remove the location by selecting “Stop sync” (Figure 6):
If syncing external locations is something you don’t want in your environment, it can be disabled by configuring the policy “Prevent users from syncing libraries shared from other organizations”, shown in Figure 7:
To Succeed, Help People Understand OneDrive
The modern OneDrive Sync Client can be a great tool that helps make life easier for users. However, the full functionality will never be actualized if people don’t know about it.
When deploying OneDrive to your organization, the technical configuration is only half the job. Any technical rollout – particularly for concepts that are new to users – should be supported by an appropriate training and communication plan.
This article detailed some of the important technical steps to consider when configuring OneDrive Sync in your organization. OneDrive can tick a lot of boxes for organizations, but it does require thought and planning into how it should and can be used.