Windows Known folders are Desktop, Documents, and Pictures these are created by default for each user. Re-directing these folders to Onedrive provides two advantages:
- When you move/re-direct Windows Known folders to OneDrive, the data stored in those folders is automatically backed up.
- There is no change in the way users are working on these folders.
Table of Contents
Intune Policies for Moving Known Folders to OneDrive
To Configure Known Folders Move to OneDrive using Intune, Configure below three settings:
- Prompt users to move Windows known folders to OneDrive – Use this setting to give users a prompt to move their Windows known folders.
- Silently move Windows-known folders to OneDrive – This will re-direct / move known folders without any user Interaction. If moving the known folders silently does not succeed, users will be prompted to fix the issue and continue. This prompt occurs due to the setting: “Prompt users to move Windows known folders to OneDrive.”
- Prevent users from redirecting their Windows known folders to their PC –
This setting forces users to keep their Documents, Pictures, and Desktop folders re-directed to OneDrive.
Steps for Moving Windows Known Folders to OneDrive Using Intune
- Login on Microsoft Intune admin center
- Click on Devices
- Click on Configuration Profiles
- Click on +Create Profile
- Select Platform: Windows 10 and later
- Profile type: Settings Catalog
- Click Create
- Name: Onedrive KFM Policy
- Description: Provide a useful description.
- Click on + Add settings and Find OneDrive category.
- Locate the following Three Policies and Enable them Using the Toggle Switch.
- Prompt users to move Windows known folders to OneDrive.
- Silently move Windows known folders to OneDrive.
- Prevent users from redirecting their Windows known folders to their PC.
To configure these policies, you’ll need your Tenant ID. To obtain your Tenant ID, go to the Entra ID admin center > Identity > Overview.Tenant ID
Click on Add group to add an Azure AD group containing users or devices. You can also click on Add all users or Add all devices.
Review + Create
Review the deployment and click on Create to start the deployment process.
Now, let’s inspect one of the user devices to verify if our device configuration profile has been successfully applied.
1. Where is the Tenant ID stored in the Registry for OneDrive?
The Tenant ID is stored in the Windows Registry at HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive, specifically within the KFMOptInWithWizard registry entry.
2. Other Recommended OneDrive Policies
- Silently sign in users to the OneDrive sync app with their Windows credentials. – If you enable this setting, users who are signed in on a PC that’s joined to Microsoft Entra ID can set up One drive sync app without entering their account credentials
- Use OneDrive Files On-Demand – Enabling this setting doesn’t download all the content stored on your OneDrive online to your device. Instead, it creates a file and folder structure. When you attempt to open a file, it will be downloaded on demand.
3. Full List of OneDrive Policies available in Intune Settings Catalog
At the time of writing this blog post, there are approximately 40 settings in the OneDrive folder of the Settings Catalog within the Intune Device Configuration Profile. For more detailed information about each policy, you can refer to the Microsoft documentation.
- Allow OneDrive to disable Windows permission inheritance in folders synced read-only
- Allow syncing OneDrive accounts for only specific organizations
- Allow users to choose how to handle Office file sync conflicts (User)
- Always use the user’s Windows display language when provisioning known folders in OneDrive
- Always use the user’s Windows display language when provisioning known folders in OneDrive (User)
- Block file downloads when users are low on disk space
- Block syncing OneDrive accounts for specific organizations
- Cause sync client to ignore normal web proxy detection logic
- Coauthor and share in Office desktop apps (User)
- Configure team site libraries to sync automatically
- Configure team site libraries to sync automatically (User)
- Continue syncing on metered networks (User)
- Continue syncing when devices have battery saver mode turned on (User)
- Convert synced team site files to online-only files
- Disable the tutorial that appears at the end of OneDrive Setup (User)
- Enable automatic upload bandwidth management for OneDrive
- Exclude specific kinds of files from being uploaded
- Hide the “Deleted files are removed everywhere” reminder
- Limit the sync app download speed to a fixed rate (User)
- Limit the sync app upload rate to a percentage of throughput
- Limit the sync app upload speed to a fixed rate (User)
- Prevent the sync app from generating network traffic until users sign in
- Prevent users from changing the location of their OneDrive folder (User)
- Prevent users from moving their Windows known folders to OneDrive
- Prevent users from redirecting their Windows known folders to their PC
- Prevent users from syncing libraries and folders shared from other organizations
- Prevent users from syncing personal OneDrive accounts (User)
- Prompt users to move Windows known folders to OneDrive
- Prompt users when they delete multiple OneDrive files on their local computer
- Require users to confirm large delete operations
- Set the default location for the OneDrive folder (User)
- Set the maximum size of a user’s OneDrive that can download automatically
- Set the sync app update ring
- Silently move Windows known folders to OneDrive
- Silently sign in users to the OneDrive sync app with their Windows credentials
- Specify SharePoint Server URL and organization name
- Specify the OneDrive location in a hybrid environment
- Sync Admin Reports
- Use OneDrive Files On-Demand
- Warn users who are low on disk space