Call4Cloud | MMP-C | Autopilot | Device Preparation

Once Upon a Time in the Automount of OneDrive Team Sites

Patch My Pc | install & update thousands of apps

In this blog, we’ll explore how to ensure your Team Sites are synced automatically to all your devices and will show up in your OneDrive. While Microsoft offers a solution, it can take up to 8 hours. Today, I’ll show you how to speed up this process significantly.

1. Configure Team Site libraries to sync automatically

For anyone who wants to sync the team site libraries automatically, you can easily configure it in Intune.  You can search for “configure team site” in the administrative templates.

Please Note: It’s not the best practice to sync all those sites to your device; the OneDrive app has its limits even when using the x64 version.

OneDrive 64 Bits and the 300.000 files sync issue (call4cloud.nl)

configure team site libraries to sync automatically with the onedrive client

Looking at the picture above, you only need to have the Sharepoint Site ID. In the past, you could simply click on sync in SharePoint and press “Copy Library ID”

in the past we could simply click on sync in SharePoint and press "Copy Library ID"

But that prompt could not be shown! If that’s the case, we need to create it manually. You could do so by pressing F12 to open the developer pane, clicking on the Network tab, and clicking the clear button to clear previous requests.

Now we have everything in place, press the sync button

We need to add the above settings to this line of text (except the tenant ID, but I hope you know how to find that one!).

tenantId=[TENANTID]&siteId=[SITEID]&webId=[WEBID]&listId=[LISTID]&webUrl=[WEBURL]

Here is an example:

tenantId=02ad5f9c-3696-477b-8cb3-9ba4e0a9ac9c&siteId={87a9f4b2-757b-4663-b19e-d58398f0f1e4}&webId={d1135130-a5e3-41d2-a8f1-a547508eaf04}&listId={265BA069-9F1C-4065-83AC-B7C7A0CE4C28}&webUrl=https://wvdcloud901026.sharepoint.com/sites/Office%5FTemplates&version=1

configuring the office_templates team site to be automatically synced with Onedrive

2. The Eight-hour delay

Okay, that’s not my cup of tea. Users should be able to decide which team sites are important to them. Also, it’s very user-friendly to set up.  

Back to the issue at hand, when you configure the sync through Intune, the whole process could take up to 8 hours. While users often need access to a file or folder within minutes, this is an unacceptable timeframe for most businesses. 

the microsoft documentation mentions that the team sites will be automatically synced within an eight-hour window

https://docs.microsoft.com/en-us/onedrive/use-group-policy#AutoMountTeamSites

Now there’s an easy way to make your ever-loving customers very happy: They’ll have access to their files and folders in Explorer within minutes! 

3. The TimerAutoMount

All we have to do is change the following “Timerautomount” registry key through PowerShell and nothing more!

HKCU\Software\Microsoft\OneDrive\Accounts\Business1

coniguring the timerautomount registry key that speeds up the sync

Option 1: Using Reg.exe in the User Context

You can push a PowerShell script in Intune to make sure this registry key is changed.  But this will only change the key one time!. After a successful Onedrive startup and checking for sites to mount this key will be reset. So you will need to make sure the timerautomount will be changed on each login

PowerShell Script Content: 

reg add "HKCU\Software\Microsoft\OneDrive\Accounts\Business1" /v Timerautomount /t REG_QWORD /d 1 /f 

Please Note: A way better option would be to simply create a scheduled task to make sure this setting is configured on each login. But let’s take a look at some other options!

Option 2:  ProActive Remediations User Context

You could use Proactive remediations in the user context to change those settings.

You will need to run this script using the logged-on credentials because it needs to be deployed in the HKCU, so running it in the system context is not going to do what we want.

Detection Script



$Path = "HKCU:\SOFTWARE\Microsoft\OneDrive\Accounts\Business1"
$Name = "Timerautomount"
$Type = "QWORD"
$Value = 1

Try {
    $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop | Select-Object -ExpandProperty $Name
    If ($Registry -eq $Value){
        Write-Output "Timer Automount Set to zero"
        Exit 0
    } 
    Write-Warning "Timer Automount Not configured to zero"
    Exit 1
} 
Catch {
    Write-Warning "Another Issue Occured"
    Exit 1
}

Remediation Script

$Path = "HKCU:\SOFTWARE\Microsoft\OneDrive\Accounts\Business1"
$Name = "Timerautomount"
$Type = "QWORD"
$Value = 1

Set-ItemProperty -Path $Path -Name $Name -Type $Type -Value $Value 

Option 3: Proactive Remediations System Context

If like me, you’re blocking PowerShell for your regular users… Here’s a quick and easy way to push HKCU changes in the registry while blocking PowerShell. Isn’t that nice

https://call4cloud.nl/2020/03/how-to-deploy-hkcu-changes-while-blocking-powershell

This option above is way better because it will ensure that the “Timerautomount” is reset each hour and can even run in the system context!

Conclusion 

Many users value having easy access to files and folders through Explorer. Microsoft’s solution simply takes an unacceptable amount of time for most businesses. If, like me, you don’t want to wait 8 hours before having access to your files in Explorer, simply look at the abovementioned options and decide what best fits your business. 

13 thoughts on “Once Upon a Time in the Automount of OneDrive Team Sites

    1. Hi,

      When the timerautomount is processed once, it will be deleted. But why not creating a script like this? To make sure it is set to 0 at each logon

      $content = @’
      Windows Registry Editor Version 5.00
      [HKEY_CURRENT_USER\Software\Microsoft\OneDrive]
      “SilentBusinessConfigCompleted”=”0”
      “EnableAdal”=dword:00000001
      “EnableTeamTier_Internal”=dword:00000001
      [HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Business1]
      “EnableADALForSilentBusinessConfig”=dword:00000001
      “TimerAutoMount”=hex(b):01,00,00,00,00,00,00,00
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Identity]
      “EnableAdal”=dword:00000001
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Licensing]
      “EulasSetAccepted”=”16.0,”
      ‘@

      # create custom folder and write PS script
      $path = $(Join-Path $env:ProgramData CustomScripts)
      if (!(Test-Path $path))
      {
      New-Item -Path $path -ItemType Directory -Force -Confirm:$false
      }
      Out-File -FilePath $(Join-Path $env:ProgramData CustomScripts\onedrive.reg) -Encoding unicode -Force -InputObject $content -Confirm:$false

      # register script to run at logon
      $WshShell = New-Object -comObject WScript.Shell
      $Shortcut = $WshShell.CreateShortcut(“$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\config.lnk”)
      $Shortcut.TargetPath = ‘”c:\windows\System32\reg.exe”‘
      $Shortcut.Arguments = “import c:\programdata\CustomScripts\onedrive.reg”
      $Shortcut.WorkingDirectory = ‘”c:\programdata\CustomScripts\”‘
      $Shortcut.Save()

    2. Hey Tom,

      I noticed the webUrl doesn’t end with “&version=1” in the developer tools payload, but you’ve included this in your policy.

      Can you confirm this is necessary for the policy to work properly?

      Thank you,
      Greg

  1. We’re rolling out a new site for a department so I think I’m okay with using the admin template and it taking up to 8 hours, but how can I assign that to the Teams site group?

    Looks like Intune won’t let me target any Microsoft 365 groups for Device Configuration profiles. I also can’t add that M365 group to another security group. Do I need to maintain two groups for this?

    1. That’s correct… Security groups define who can access resources, and are recommended for your groups in Intune. So you can’t use Microsoft 365 groups… sometime like 1,5 years ago that option was removed

      1. With the new query “memberof” (currently in preview) for dynamic users groups, you can bypass this restriction by simply creating a new SG that dynamically fetches members of your M365 Group objectID.

  2. Have been using the Automount and Timerautomount trick for quite some time now with succes.

    However, I am running into an issue. We have several offices. All Site libraries are in one Automount policy.

    If a user has the rights for a certain library, it will synchonize. Perfect!

    But now the request is that a manager wants access to all libraries. Giving him the rights to all libraries and sync all libraries are way too much files to handle for Onedrive.

    I thought I could solve it by splitting up my Automount policies for each office. But then it will give a conflict, because of the same polies.

    How to give this manager the rights to synchronize some sites, and give him access to other sites through webaccess without synchronizing them. Seems impossible?

  3. Hi There,
    Just wanted to say a massive thank you for the first part of this article where you’ve gone and provided a really easy way to get the string for the Tenant ID with the parameters for WebID, SiteID, FolderID etc. There’s plenty of articles out there with powershell scripts [that in my experience haven’t worked or been extremely buggy], or people saying to log a case with MS etc. Your method is by far the easiest and cleanest available

  4. I know this is a bit old but I am now trying to implement this. it is working but giving me mixed results. One weird thing that happens is the correct folders will map but there will be duplicates. The duplicate will have a (1) next to it.

    When I go to the folder in SharePoint I want to map and click sync, I am able to grab the Library ID. Does this method not work properly in 2024?

  5. YMMV, Alex, and I’ve had good success with no duplicates by specifying the “folderId=” and “folderUrl=” in the string:
    reg add “HKU\\Software\Policies\Microsoft\OneDrive\TenantAutoMount” /v “DocLibraryFolderName” /t reg_sz /d “tenantId=xxx&siteId=xxx&webId=xxx&listId=xxx&webUrl=httpsxxx&folderId=xxx&folderUrl=httpsxxx&version=1”

  6. So, the below script works fine and it forces the sync. We have multiple folders that we auto mounted and when we run the below script it will only download one folder at a time. Is there a way to download multiple at once without having to reopen OneDrive each time for the other folders to auto mount:

    $Path = “HKCU:\SOFTWARE\Microsoft\OneDrive\Accounts\Business1”
    $Name = “Timerautomount”
    $Type = “QWORD”
    $Value = 1

    Set-ItemProperty -Path $Path -Name $Name -Type $Type -Value $Value

Leave a Reply

Your email address will not be published. Required fields are marked *

5  +  1  =  

Proudly powered by WordPress | Theme: Wanderz Blog by Crimson Themes.