Tenant setup 16 — Automatic OneDrive
A small setting that's a lifesaver if you use OneDrive — and arguably even if you don't. Auto-login + Known Folder Move. So when an employee saves a file to Desktop and the disk dies, you have it on OneDrive, not in the bin.
This article is part of the series. Full series + screenshots in one document: download PDF. (PDF is currently in Czech.)
Today another small setting that's an absolute lifesaver if you use OneDrive — and actually even if you barely do. This config handles automatic sign-in to OneDrive and redirects the standard folders into OneDrive. Why care? Because the day an employee saves the only copy of an important file to their Desktop and the disk dies, you'll have it on OneDrive, not in the bin. One important caveat: this only works on Entra ID joined devices.
Intune → Devices → Configuration → Create → New Policy → Windows 10 and later → Settings catalog. Name and describe the policy. Click Add settings, search OneDrive, pick the OneDrive category, and select:
- Use OneDrive Files On-Demand
- Silently sign in users to the OneDrive sync app with their Windows credentials
- Silently move Windows known folders to OneDrive (Desktop, Documents, Pictures all True)
- Prevent users from moving their Windows known folders to OneDrive (back to PC) — keeps them on OneDrive
- Continue syncing on metered networks
Set Tenant ID to your tenant ID (find it on the Entra portal home page). Target the policy at a dynamic device group with the rule (device.deviceTrustType -eq "AzureAD") — that will only include Entra Joined devices. Done.