Skip to main content
Question

OneDrive config

  • September 13, 2022
  • 6 replies
  • 46 views
D
Forum|alt.badge.img+7

Hi all,

I've been working on the OneDrive deployment some time ago, but it wasn't something we want to use at that time.
Things changed and now we want to look into deploying OneDrive and a nice config to a set of test machines.

Deployed the standalone version to a machine from here.
https://support.microsoft.com/en-us/office/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0#OSVersion=Mac

Pushed our desired config to the machine and nothing happens...

 

updated our plist to a very simple one:

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>OpenAtLogin</key> <True/> </dict> </plist>

Still the app won't open at login.

Does it require a user to initially sign-in first or missing something else??

Thanks!

    6 replies

    AntMac
    Forum|alt.badge.img+10
    • AntMac
    • Valued Contributor
    • 83 replies
    • September 14, 2022

    Hi 
    The key you've mentioned is correct for starting onedrive at log in. From my experience yes a user needs to have signed in at least once for it to put the icon in the menu bar.  Just want to confirm as well, which preference domain have you specified? Should be com.microsoft.OneDrive for Standalone or com.microsoft.OneDrive-mac  for Mac App Store variant. 

     

    This is essentially what our PLIST looks like with preference domain com.microsoft.OneDrive :

    <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>DisableHydrationToast</key>
    <false/>
    <key>DisablePersonalSync</key>
    <true/>
    <key>DisableTutorial</key>
    <true/>
    <key>DownloadBandwidthLimited</key>
    <integer>50000</integer>
    <key>EnableAllOcsiClients</key>
    <true/>
    <key>FilesOnDemandEnabled</key>
    <true/>
    <key>HideDockIcon</key>
    <false/>
    <key>OpenAtLogin</key>
    <true/>
  </dict>
</plist>

     

    D
    Forum|alt.badge.img+7
    • DennisMX
    • Author
    • Contributor
    • 69 replies
    • September 14, 2022

    I worked on it yesterday.
    You do need to open and sign-in once (we use Jamf Connect) so hoped it would pickup those credentials..
    Then it basically works.

    AntMac
    Forum|alt.badge.img+10
    • AntMac
    • Valued Contributor
    • 83 replies
    • September 14, 2022

    I worked on it yesterday.
    You do need to open and sign-in once (we use Jamf Connect) so hoped it would pickup those credentials..
    Then it basically works.


    Glad to hear this is working for you. 
    Possibly the Microsoft Company portal with SSO plug in might give you more like the experience you are expecting/hoping for (assuming Azure AD Authentication)? It is in preview at the moment and has a few caveats. More information here:
    Microsoft Enterprise SSO plug-in for Apple devices - Microsoft Entra | Microsoft Docs

    Microsoft Enterprise SSO plug-in in Microsoft Intune | Microsoft Docs

    D
    Forum|alt.badge.img+7
    • DennisMX
    • Author
    • Contributor
    • 69 replies
    • September 21, 2022

    Glad to hear this is working for you. 
    Possibly the Microsoft Company portal with SSO plug in might give you more like the experience you are expecting/hoping for (assuming Azure AD Authentication)? It is in preview at the moment and has a few caveats. More information here:
    Microsoft Enterprise SSO plug-in for Apple devices - Microsoft Entra | Microsoft Docs

    Microsoft Enterprise SSO plug-in in Microsoft Intune | Microsoft Docs


    Thanks for that information AntMac.
    When reading the articles (only read the first part ;) ) it seems like it only works if the machine is enrolled into Intune.

    We solely use Jamf for our macbooks. Intune is only configured for our Windows systems.
    Dual management (Jamf and Intune) on one computer sounds far from ideal

    D
    Forum|alt.badge.img+7
    • DennisMX
    • Author
    • Contributor
    • 69 replies
    • September 21, 2022

    Thanks for that information AntMac.
    When reading the articles (only read the first part ;) ) it seems like it only works if the machine is enrolled into Intune.

    We solely use Jamf for our macbooks. Intune is only configured for our Windows systems.
    Dual management (Jamf and Intune) on one computer sounds far from ideal


    maybe i'm wrong
    https://learn.microsoft.com/en-us/azure/active-directory/develop/apple-sso-plugin#manual-configuration-for-other-mdm-services

    AntMac
    Forum|alt.badge.img+10
    • AntMac
    • Valued Contributor
    • 83 replies
    • September 21, 2022

    My understanding is you can still use the SSO functionality without requiring intune registration using Single Sign on Extension payload set at user level and deployed from JAMF Pro. Would still need to have company portal installed to parse the SSO per Microsoft preview requirements. Just company portal does not auto install if not intune managed or co-managed.  Payload information here: ExtensibleSingleSignOn | Apple Developer Documentation

    More than happy to be corrected if I'm wrong on the above. We have not implemented this one ourselves but is something on the "to it" list. 

    Intune joint registration with JAMF Pro as MDM is pretty common for companies that want/need to use conditional access.   


    Terms & ConditionsCookie settingsAccessibility statement