How do I create an Intune configuration profile for OneDrive?
The example below demonstrates how to create an Intune configuration profile for OneDrive that restricts the client to saving data only to the tenant in which the endpoint is enrolled. This setup uses a variable, making deployment scalable across customer accounts without the need to manually gather each tenant ID.
To create a configuration profile for OneDrive, complete the following steps:
Step 1: Create the template Intune configuration profile
First, create the template Intune configuration profile in Azure.
To create the Intune configuration profile:
In Microsoft Intune admin center, navigate to Devices > Manage devices > Configuration.
Select + Create > New policy.
-
In the New policy pane that opens, provide the following details:
Platform: Select Windows 10 or later.
Profile Type: Select Settings Catalog.
Select Create.
-
On the Basics tab:
Name: Enter OneDrive_DefaultConfiguration.
Select Next.
-
On the Configuration settings tab:
Select + Add Settings.
Search for OneDrive at the top.
-
Enable the following options:
Disable animation that appears during OneDrive Setup (User)
Silently move Windows Known folders to OneDrive
Silently sign in users to the OneDrive sync app with their Windows credentials
In the Tenant ID: (Device) field, enter 1234.
Select Next.
On the Scope tags tab, select Next.
On the Assignments tab, select Next.
On the Review + Create tab, select Create.
Step 2: Import the policy to Nerdio Manager
You can now import your configuration policy to Nerdio Manager.
To import the policy to Nerdio Manager:
In Nerdio Manager, at the MSP level, navigate to Policy Management > Configuration profiles.
-
Under the list of configuration profiles, select Import.
-
In the Import policies dialog box, provide the following details:
Selected policies: From the drop-down list, select the policy.
Tags: Optionally, from the drop-down list, select the tag(s) to assign.
-
Changelog: Enter the changelog message.
Select Import.
Step 3: Copy the TenantId variable
Copy the TenantId environment variable to apply it to the policy in the next step.
To copy the TenantId variable:
In Nerdio Manager, at the account level, navigate to Settings > Integrations.
-
In the Variables tile, under Environment variables, select the second copy
icon next to TenantId to copy the $EnvironmentVars.TenantId variable.
For details about variables, see:
Step 4: Apply the variable to the policy
In this step, apply the variable you copied to the previously created template profile.
To apply the variable to the policy:
In Nerdio Manager, at the MSP level, navigate to Policy Management > Configuration profiles.
-
From the action menu next to the configuration profile you wish to edit, select Edit.
In the new dialog box, on the Settings tab, hover over the setting with the 1234 value, and then select the pencil
icon.
Replace 1234 with the {$EnvironmentVars.TenantId} variable you previously copied, and then select Validate.
Select Next.
-
On the Change Log tab, in the Create a new version field, enter the changelog note.
Select Save & close.
Step 5: Assign the policy and test
You can now assign the policy to your customer account(s) and test it on a test device group.
To assign the policy to an account:
In Nerdio Manager, at the MSP level, navigate to Policy Management > Configuration profiles.
Next to the configuration profile you created, select Assign.
-
On the Assignments page, select Add Assignments.
-
In the new dialog box, select the customer account you wish to assign the policy to, and select Confirm.
Select Apply and Close.
To assign the policy to a test device group:
In Nerdio Manager, go to accounts.
Next to the relevant account, select Manage.
Go to Policy Management > Configuration profiles.
Next to the policy, select Assign.
-
Under Assignments > Included groups, select + Action, and then from the Group dropdown, select the test device group.
Select Confirm.
Comments (0 comments)