Onedrive

k84
New Contributor III

Hi,

This has probably been asked before but I thought of asking.

In my environment we have OneDrive which is on the end users machine but hardly used in 85% of the time.
So we need to know if there is a way for it create a OneDrive folder to get it configured per user logged in and then re-diret the desktop, documents & possibly any other folders to OneDrive.

If anyone has any good working practices it would be highly appreciated.

20 REPLIES 20

blackholemac
Valued Contributor III

I’m with you on this one to some degree. Our users are supposed to save to OneDrive by default regardless of platform.

We’ve went the traditional route such as user training, symbolic links, adding to sidebar, etc, but compliance is lacking.

It’s all made worse by some software writing to hard-coded locations in the home folder. Folder re-direction is not encouraged any more by Apple so it’s made all the more difficult.

At best this is a “me-too” post with an idea...seek out @pbowden on Macadmins Slack. https://macadmins.software/slack.html

The OneDrive for Mac Program Manager on the slack channel is @joeleung

The Microsoft Mac guys are VERY responsive to the community and are easily reachable through Slack.

Feel free to post any relevant findings here if possible.

mark_mahabir
Valued Contributor

Automating something like this is on my to-do list.

triding
New Contributor III

If you have an Office 365 subscription in your environment then you can do a folder redirection. But it's not easy! As memory serves you need to get the Azure Tennant ID of your organisation, then you can enter that along with where you want the OneDrive folder to redirect to - ~/Desktop - for example, in the preference keys for One Drive. I did it with a config profile.

Getting the users to actually use that folder though, I agree, that's the tricky part! But we found it was easier with the OneDrive folder on their Desktop, most of them actually used it then.

tnielsen
Valued Contributor

@triding You were able to redirect the desktop folder?

KyleEricson
Valued Contributor

I have a script that does all of this via Self Service.

Hire me as a independent contractor.

k84
New Contributor III

@kericson any possibility of sharing that script

Scotty
Contributor

It might be worth mentioning that when you redirect the desktop, documents, ect to any cloud storage solution a lot of users will not realize/understand that the data is being synced up to a cloud storage solution. We have several departments that various forms of confidential information that we are under contract to not store in a cloud solution. So we don't redirect folders, this ensure the users need to specifically put data there, in theory this will make them think before doing it. just a thought.

jhuls
Contributor III

My stance is that if Apple doesn't support redirection of these folders, don't do it and I've had personal experience with it. I've done some things like this on personal machines and have ran into problems in the past when upgrading the OS and wiped out the links and created new folders. In those cases they had been redirected to an external drive.

I can deal with it when on my own system but there's no way I'm going to deal with this sort of potential problem on our campus systems that include VP's. Good luck!

bvrooman
Valued Contributor

As recently as last week, we were advised by Apple enterprise support to not use symlinks to relocate ~/Desktop, ~/Documents, etc. To quote their engineer, "the operating system or bundled applications may not follow them correctly" in current/future versions of macOS.

The only "supported" option is to change the user record to define a path within a synchronized folder to be the user's Home, but since most similar apps pick somewhere inside the Home folder to put their data, that becomes a bit of a paradox.

talex365
New Contributor II

Was apple specific about what isn't going to follow symlinks correctly? I personally am not terribly concerned about the links being wiped out by an upgrade as the data is still stored locally on the device with OneDrive, you can always just recreate the links (even automatically), but I would be very interested in any known problems people have run into with an approach like this.

If anyone is interested in my script, it's located here

https://github.com/jonoregon360/redirectProfileOneDrivemacOS

KyleEricson
Valued Contributor

@k84 Here is my script I have used it over a year now and also done macOS upgrades without any issues. Apple doesn't support it just like anything since they didn't create they don't support. Is there a risk with this breaking in feature macOS yes like anything it's a script and not an Apple created solution. Here is the script. This is what it does: It removes the old version of OneDrive and installs the newest version from a JAMF policy. It will look in the existing users home folder and rename folders to not conflict with any that are already in OneDrive.

#!/bin/bash
#Created by Kyle Ericson
#Version 2.0
#For new and Existing OneDrive setups

#Get the current user
currentUser=$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");')

#OneDrive Location
oneDriveDirectory="/Users/$currentUser/OneDrive - Replace with your company name"

#Remove OneDrive
sudo killall OneDrive| sudo rm -R '/Applications/OneDrive.app/'
echo "Removing OneDrive from Applications"

#Install OneDrive
/usr/local/bin/jamf policy -event install-onedrive

if [[ ! -d $oneDriveDirectory ]]
then
    echo "Folder not found. You need to setup OneDrive first, then run again"
    exit 1
fi

echo "OneDrive Setup Script Starting" 
cd "$oneDriveDirectory/"

echo "Renaming folders in existing OneDrive to name -old"
mv Desktop Desktop-old
mv Documents Documents-old 
mv Downloads Downloads-old
mv Movies Movies-old
mv Music Music-old
mv Pictures Pictures-old


echo "Move User home folders"
for dir_to_link1 in Desktop Documents Downloads Movies Pictures Music
do
sudo mv -f "/Users/$currentUser/$dir_to_link1" "$oneDriveDirectory" 
done

echo "Create the symbolic links"
for dir_to_link2 in Desktop Documents Downloads Movies Pictures Music
do
sudo ln -s "$oneDriveDirectory/$dir_to_link2" "/Users/$currentUser/$dir_to_link2"
done

echo "Copy old OneDrive content to OneDrive"
sudo Ditto "$oneDriveDirectory/Desktop-old" "$oneDriveDirectory/Desktop" 
sudo Ditto "$oneDriveDirectory/Documents-old" "$oneDriveDirectory/Documents"  
sudo Ditto "$oneDriveDirectory/Downloads-old" "$oneDriveDirectory/Downloads" 
sudo Ditto "$oneDriveDirectory/Movies-old" "$oneDriveDirectory/Movies" 
sudo Ditto "$oneDriveDirectory/Music-old" "$oneDriveDirectory/Music" 
sudo Ditto "$oneDriveDirectory/Pictures-old" "$oneDriveDirectory/Pictures"

echo "Remove old folders"
for dir_to_link5 in Desktop-old Documents-old Downloads-old Movies-old Pictures-old Music-old
do
sudo rm -rf "$oneDriveDirectory/$dir_to_link5" 
done

echo "OneDrive Setup Script has finished"
su $currentUser -c "open /Applications/OneDrive.app" 
exit 0
Hire me as a independent contractor.

thebrucecarter
Contributor II

What mechanism does Apple use to redirect Desktop and Documents to iCloud when that option is chosen? I suppose it is embedded right in macOS somewhere...

KyleEricson
Valued Contributor

@bcarter5876 Agreed Apple is doing the same thing just with their cloud service with some built-in "Apple Black Magic"

Hire me as a independent contractor.

bvrooman
Valued Contributor

For iCloud, Apple is likely just telling a local binary to sync the actual ~/Desktop and ~/Documents folders, rather than moving that directory structure to an otherwise-synchronized location and putting links in the Home folder. It's their software, and they can make it work however they like. Similarly, Microsoft made a choice to not include folder redirection in their Mac client.

I have also gotten OneDrive to work fine by moving folders and replacing them with symlinks myself, and nothing caught fire immediately. Will I use that setup for myself? Maybe. I know how to troubleshoot any issues with apps that don't understand the symlinks, and I know how to put it all back if the whole thing explodes in an OS upgrade. Am I going to put that configuration in front of non-technical senior leadership and just hope they don't run into issues? Not likely, even before Apple said "hey, maybe don't do that."

KyleEricson
Valued Contributor

I have deployed my script to over 50 Macs with no issues. Not worried about it.

Hire me as a independent contractor.

talex365
New Contributor II

We have a large and robust IT staff that can assist with issues like broken symlinks and the like, and we've had some high profile data losses on recent laptops where the user was not exercising proper use of OneDrive. Given Apple's recent decisions regarding T2 chips (and the lack of a recovery port) I think the security of having that automated backup to something other than iCloud outweighs my concerns that Apple may break something later on.

ajfunk
Contributor

@kericson - thank you for providing your script to us. i've been testing it on a few lab Macs at my organization and it looks like i'm encountering an error when renaming the Pictures folder:

mv: rename /Users/[user]/Pictures to /Users/[user]/OneDrive - Company/Pictures: Operation not permitted

The only thing i've found to fix this is to allow Terminal to have full disk access through System Preferences > Security & Privacy, but there's no way (that I know of) to push that setting out during the migration and revoke it after migration.

Have you experienced this in your environment? (i'm testing on Mojave Macs)

KyleEricson
Valued Contributor

You can do a PPPC policy for that and it should work. JAMFPPPC

Hire me as a independent contractor.

ajfunk
Contributor

That worked!

summoner2100
Contributor

At the risk of necroing a thread from the dead.....

Been testing this script for onedrive redirection in Jamf. Been working well, but have noticed a weird discrepancy. If you sign in with icloud, and have icloud drive (except with icloud drive redirect turned off). When you reboot or logout, the symlinks disappear, and it goes back to a local folder in /Users... thoughts? comments?

Edit: Actually discovered what it was. If you have this script run and then sign in with icloud. If icloud drive is enabled (even if you're not using it's folder re-direct) logging out, and restarting, cause the symlinks to be removed on the local side (onedrive folders still there). So to keep this going, disable icloud drive if using onedrive sync with this script.