Deploy OneDrive apps using Microsoft Endpoint Configuration Manager
Article
You can use Microsoft Endpoint Configuration Manager to deploy the new OneDrive sync app (OneDrive.exe), and the mobile apps for iOS and Android. Before you begin deploying, make sure you have reviewed the planning information and deployment options in the Plan file sync for SharePoint and OneDrive in Microsoft 365.
Deploy the OneDrive sync app for Windows
The OneDrive sync app (OneDrive.exe) can be installed on Windows 7 and later. It can also be installed on macOS. For info about deploying the OneDrive sync app on macOS, see Configure the new OneDrive sync app on macOS.
The new OneDrive sync app can be used with SharePoint Server 2019, but not earlier versions of SharePoint Server. For more information about the restrictions and limitations of the OneDrive sync app, see Invalid file names and file types in OneDrive and SharePoint.
The OneDrive sync app uses Windows Push Notification Services (WNS) for optimum performance and battery life. Make sure you allow access from your network to the endpoints that OneDrive uses. To see all our recommendations for configuring the sync app, see Recommended sync app configuration.
Check if users already have the OneDrive sync app
If the computers in your organization are running Windows 10, they already have the new sync app installed. If the computers have Office 2016 or Office 2013 (Home & Student, Home & Business, Professional, Personal, Home, or University) installed, they might also have the new sync app.
Deploy any administrative settings
To set registry keys on computers in your domain, install OneDrive and copy the OneDrive.admx and OneDrive.adml files from %localappdata%\Microsoft\OneDrive\BuildNumber\adm\ to your Group Policy central store. For more info, see Use OneDrive policies to control OneDrive sync app settings.
Use Microsoft Endpoint Configuration Manager to deploy the OneDrive sync app
In Configuration Manager, select Create Device Collection, and follow the steps in the Create Device Collection wizard.
The script installer deployment type already has a detection method script and will correctly assess the installation. Also, there is an uninstall switch, which means that you can easily remove the OneDrive sync app, if necessary.
Copy the installer to a folder in the Configuration Manager source content share.
In Configuration Manager, select the Software Library workspace. Under Application Management, right-click Applications, and then select Import Application.
Select the sample package.
On the bottom of Configuration Manager, select the Deployment Types tab, right-click the deployment, and to update the Content location, edit the properties.
Right-click the package, select Deploy, and follow the steps in the Deploy Software Wizard.
If you don't use the sample package, run the following command using Microsoft Endpoint Configuration Manager:
(where pathToExecutable is a location on the local computer or an accessible network share).
Note
This command must be run at user logon and using Administrator permissions. It must be run for each user on a machine. For an example of how to deploy an .exe on every user account, see How to deploy the OneDrive sync app with Configuration Manager.
If you run the command with no command-line parameter, users will see the installation status. After installation, OneDriveSetup.exe will automatically execute OneDrive.exe and display OneDrive Setup to users. If you run the command with the /silent parameter, OneDrive.exe will be installed transparently and OneDrive Setup won't appear. You'll need to run OneDrive.exe with an additional command. If you want to control the launch of OneDrive across your organization, we recommend using the /silent parameter.
Deploy the RMS client to enable syncing IRM-protected files
The new OneDrive sync app for Windows now supports syncing IRM-protected SharePoint document libraries and OneDrive locations. To create a seamless IRM sync experience for your users, deploy to your users' computers the latest Rights Management Service (RMS) client from the Microsoft Download Center. Even if these computers have the Azure Information Protection client installed, which includes the RMS client, the OneDrive sync app still needs a separate installation of the RMS client from the Microsoft Download Center.
To silently install the RMS client on computers, use the /qn switch as part of the command-line options of the Microsoft Windows Installer Tool (Msiexec.exe). For example, the following command shows the silent mode installation (assuming the RMS Client installer package is already downloaded to C:\Downloads).
msiexec /qn c:\downloads\setup.msi
You can have the setup file on a network share and use managed software deployment to run the msiexec command.
Note
The sync app does not support IRM policies that expire document access rights.
Use the following URL to start OneDrive Setup on users' computers. When users select to begin Setup, a sign-in window appears for users can enter email address.
odopen://launch
Use the following URL with each user's email address to start Setup and prepopulate user email addresses in the sign-in window.
Run the following command using Configuration Manager script:
%localappdata%\Microsoft\OneDrive\OneDrive.exe
It starts the OneDrive process. If users haven't set up any accounts, it displays OneDrive Setup. To display OneDrive Setup specifically to users who haven't set up an account for your organization, use the command-line parameter:
/configure_business:<tenantId>
Note
When you use Microsoft Endpoint Configuration Manager, make sure you run OneDrive.exe with User permissions (not as an Administrator). For help finding your tenant ID, see Find your Microsoft 365 tenant ID.
Autoconfigure SharePoint site synchronization
If you want to autoconfigure a SharePoint site to be synced, you can use the URL below as a guide to build the path to the SharePoint site you want to sync automatically. You can also use a policy to sync sites automatically. For info, see Configure team site libraries to sync automatically.
<siteId> is the SharePoint site siteId GUID, enclosed in curly brackets. You can get this GUID visiting https://<TenantName>.sharepoint.com/sites/<SiteName>/_api/site/id.
<webId> is the SharePoint site webId GUID, enclosed in curly brackets. You can get this GUID visiting https://<TenantName>.sharepoint.com/sites/<SiteName>/_api/web/id.
<webUrl> is the SharePoint site URL. You can get this URL visiting https://<TenantName>.sharepoint.com/sites/<SiteName>/_api/web/url.
<listId> is the SharePoint site documents library GUID, enclosed in curly brackets. You can get this GUID visiting the document library in the browser, select in the gear icon and choosing "Library Settings". The URL shows the listId GUID at the end of URL, i.e. https://<tenant>.sharepoint.com/sites/<SiteName>/_layouts/15/listedit.aspx?List=%7Bxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx%7D (a GUID with escaped curly brackets).
<userEmail> is the OneDrive's user email address used to sign in into OneDrive.
<webTitle> and <listTitle> are used to compose the name of the local folder where the OneDrive content is synchronized. By default, when you use the "Sync" button when in the browser to synchronize a document library, OneDrive uses the SharePoint site name and the document library name to compose the local folder name, in the form of %userprofile%\<TenantName>\<SiteName> - <DocumentLibraryName>. You could use any other values if you prefer to. If you don't use these parameters, the local folder is named "<TenantName> - Documents", despite of site and library names.
For example, if you want to synchronize https://contoso.sharepoint.com/sites/SalesTeam-01/ProjectX, where "ProjectX" is the documents library to synchronize, to "%userprofile%\Contoso\Sales - Unicorn" folder, you need the following parameters to compose the odopen:// URL:
You will need Client Side Object Model (CSOM) knowledge if you want to automate querying the team site to determine the appropriate siteId, webId, and listId to build the appropriate URL.
Deploy the OneDrive app on mobile devices running iOS or Android
You can use Microsoft Endpoint Configuration Manager to deploy apps to mobile devices. Before you do, however, you need to complete a few prerequisite steps because integration with Intune is required to manage mobile devices in Configuration Manager. For information about managing mobile devices with Configuration Manager and Intune, see Manage Mobile Devices with Configuration Manager and Microsoft Intune.
Deploy the OneDrive app for iOS
In Configuration Manager, on the Home ribbon, select Create Application.
In the Type box, select App Package for iOS from App Store.
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.