I'm trying to create the Silent KFM option with OneDrive using Mac Configuration Profiles (this is my first Jamf instance, so I may just be missing something simple here).
When I deploy the configuration profile there doesn't seem to be any changes made to the App itself.
Using separate profiles, I was able to give full disk access and put OneDrive into the Insider Ring successfully.
Only when trying to do any kind of KFM option (silent or otherwise) I can't see anything change (for example, if I open the OneDrive app to configure backup manually, nothing is selected). It also won't block people syncing their personal OneDrives (which when I added my own personal one, it broke my Company Portal Registration, easily fixed, but it's an issue that repeats at least on the device I'm testing with).
There are some differences that I've noticed myself with people who have been successful. Most people reference a company specific plist file but mine is generic com.microsoft.onedrive and I'm also testing on an Apple Silicon Mac.
Grabbing the key value pairs from here: https://learn.microsoft.com/en-us/sharepoint/redirect-known-folders-macos
My plist file looks like this:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>KFMSilentOptIn</key> <string>TenantID</string> <key>KFMBlockOptOut</key> <true/> <key>DisablePersonalSync</key> <true/> <key>FilesOnDemandEnabled</key> <true/> <key>OpenAtLogin</key> <true/> <key>BlockExternalSync</key> <true/> <key>DisableTutorial</key> <true/> </dict> </array> </dict> </plist>
This is also my first real experience trying something like this. There's no penultimate pressure to get it done, but I am very curious as to what possible things I could be looking at here to try and get it working.
Hey, thank you for the suggestion! Took me a hot minute to figure out the way Json's work with Jamf there, really nice functionality actually.
However, it still didn't work despite pushing properly. The main thing I want really is to automatically sync the desktop and documents folders and not allow people to undo/change it, but it seems very difficult to do at this stage every method results in a similar thing