The Issue

Let me guess – you are here because you are either an IT provider or part of the IT department for a business, and that business has started moving, or is moving, to Office 365 SharePoint. You have set up SharePoint sites, and you want OneDrive to log in automatically as the Azure user. Well, the process is simple, and we will run through the scenarios below.

The Fix

While doing this, bear in mind your environment. You could be Active Directory, Azure, or Hybrid. You could also have local redirected folders in place, which isn't a problem, but you will need to redirect these back to the local profile should you wish to back up the desktop and documents to the user's local OneDrive.

Intune – I would say this is the preferred method of connecting your users into OneDrive on login, and if you are still using on-premise Active Directory, I suggest you go hybrid and log them into Intune. This will give you direct access to the policies on Microsoft 365, which is of course where your data sits.

Group Policy – aaa

RMM –

Powershell – aaa

Conclusion

As a reader of this post, it is highly likely that you know what Active Directory and Azure Active Directory both are. And it is also highly likely that you still require an on-premise domain controller for one or many reasons. Most of the time, this is due to security requirements, and not being able to go fully cloud. Other reasons could be that applications are still in place that are either required to be on-premise, or too expensive to run online.

In these scenarios however, we often find that there is a huge advantage of having both on-premise management and cloud, especially with the escalation of remote working in the modern era. This is where a hybrid configuration can be advantageous and provide many more options for device and user management.

What is Hybrid Active Directory?

Hybrid Active Directory is a simple concept where your devices will appear in both on-premise Active Directory, and Azure Active Directory. This provides a benefit of management using Group Policy and Intune, as well as devices now being able to be controlled using services such as Conditional Access.

Considerations

Whilst rolling out a Hybrid join, I recommend erring on the side of caution. Nothing particularly bad can happen as such; however, I always recommend testing on a few lab devices first before pushing out into production. You can then also use these lab devices to test policies in the future. Using virtual machines for this is absolutely fine, and will avoid purchasing new devices.

Be aware of two-factor authentication platforms such as www.duo.com, which may restrict your connection to Azure in this process.

Environment

So that we are all on the same page, this is what you should have in your current environment in order to start the move to a hybrid model:

  1. A Windows 2016 or above Domain Controller.
  2. The domain synced with Office 365 using AD Connect.
  3. Your Office 365 usernames should match your suffixes on-premise, using IdFix (you probably did this already).

Your test machine should be on the domain, and Windows 10 or above.

Dave King
