I've been working on the OneDrive deployment some time ago, but it wasn't something we want to use at that time.
Things changed and now we want to look into deploying OneDrive and a nice config to a set of test machines.
Deployed the standalone version to a machine from here.
Pushed our desired config to the machine and nothing happens...
updated our plist to a very simple one:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>OpenAtLogin</key> <True/> </dict> </plist>
Still the app won't open at login.
Does it require a user to initially sign-in first or missing something else??
The key you've mentioned is correct for starting onedrive at log in. From my experience yes a user needs to have signed in at least once for it to put the icon in the menu bar. Just want to confirm as well, which preference domain have you specified? Should be com.microsoft.OneDrive for Standalone or com.microsoft.OneDrive-mac for Mac App Store variant.
This is essentially what our PLIST looks like with preference domain com.microsoft.OneDrive :
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>DisableHydrationToast</key> <false/> <key>DisablePersonalSync</key> <true/> <key>DisableTutorial</key> <true/> <key>DownloadBandwidthLimited</key> <integer>50000</integer> <key>EnableAllOcsiClients</key> <true/> <key>FilesOnDemandEnabled</key> <true/> <key>HideDockIcon</key> <false/> <key>OpenAtLogin</key> <true/> </dict> </plist>
Glad to hear this is working for you.
Possibly the Microsoft Company portal with SSO plug in might give you more like the experience you are expecting/hoping for (assuming Azure AD Authentication)? It is in preview at the moment and has a few caveats. More information here:
Microsoft Enterprise SSO plug-in for Apple devices - Microsoft Entra | Microsoft Docs
Thanks for that information AntMac.
When reading the articles (only read the first part ;) ) it seems like it only works if the machine is enrolled into Intune.
We solely use Jamf for our macbooks. Intune is only configured for our Windows systems.
Dual management (Jamf and Intune) on one computer sounds far from ideal
My understanding is you can still use the SSO functionality without requiring intune registration using Single Sign on Extension payload set at user level and deployed from JAMF Pro. Would still need to have company portal installed to parse the SSO per Microsoft preview requirements. Just company portal does not auto install if not intune managed or co-managed. Payload information here: ExtensibleSingleSignOn | Apple Developer Documentation
More than happy to be corrected if I'm wrong on the above. We have not implemented this one ourselves but is something on the "to it" list.
Intune joint registration with JAMF Pro as MDM is pretty common for companies that want/need to use conditional access.