OneDriveMapper is a free script that you can use as a logon or on-demand script to map a OneDrive for Business location and/or SharePoint locations to drive letters. It has been downloaded over 200,000 times and is also listed on TechNet.
It was designed to run in scenarios where using the OneDrive for Business client is not feasible, such as multi-user environments like Citrix or within a RemoteApp. Syncing in such environments is a bad idea, as each user potentially has to re-sync data at each login and can potentially access other users' data.
What does it do?
- Runs at logon or on demand (group policy, RES, etc)
- Maps your OneDrive for Business to a local drive letter
- No Sync, online WebDav connection
- Connects seamlessly without user interaction
- Prompts for user password (only once) if no ADFS used
- On Demand Provisioning of the OneDrive MySite
- Detailed and configurable logging
- Also maps SharePoint document libraries directly
- Can also map based on security groups
- Automatically disables and reenables ProtectedMode in IE
- Sets a customizable label for the network drive(s)
- Can use custom library names
- Can also run on non domain joined machines or Workplace Joined machines
- Detects changed user names/URLs automatically
- Can map drives inside (Azure) RemoteApps
- Can redirect My Documents to OneDrive for Business
- SSO for MDM Intune AzureAD W10 devices
- Can be deployed as logon script through Intune
- Can easily run from a shortcut as well
Requirements
- Office 365 licence
- Office 2010 or higher installed if not using Native Auth
- Permission to map drives
- Permission to launch powershell scripts
Recommendations
- Exclude any mappings from scheduled virus scans
- Do not let Windows Search index mapped locations
- Disable WebDav (WebClient) file locking
- Migrate user home directories to O365 automatically first
- Remove the WebDav cache if it becomes too large
- Try not to have spaces in SharePoint library names
- Do not configure the AADConnect SSO URLs (https://autologon.microsoftazuread-sso.com and https://aadg.windows.net.nsatc.net) through GPO; if you use the old (IE) auth mode, OneDriveMapper will do this for you.
How to install
OneDriveMapper_v3.11.ps1 (right click, save as)
- Add https://tenantname-my.sharepoint.com to your Trusted Sites list if mapping to O4B
- Add https://tenantname.sharepoint.com to your Trusted Sites list if mapping to SharePoint sites, O365 Groups or Microsoft Teams
- Add adfs.yourdomain.com to your local intranet sites (both http and https) to get SSO if you’re using ADFS (or Okta). Make sure that whatever method you use to set this, runs BEFORE the script runs.
- Ensure Windows Authentication is enabled in Internet Explorer (this is default) if not using Native Auth
- Set $O365CustomerName to your Tenant Name (xxx.onmicrosoft.com)
- Set $driveletter to the drive letter you wish to map to OneDrive for Business, if you are not using the Cloud Edition
- Set $userLookupMode to what matches your environment
- Set $adfsWaitTime to 0 if not using ADFS
- If you wish to map SharePoint libraries and are not using the Cloud Edition, change line 114 of the script ($sharepointMappings += XXX)
- Disable file locking
- Run it on a representative test machine / user and thoroughly check the log it generates in %APPDATA%
- Add the configured script to a Group Policy or deploy it as an MSI to make it run upon logon for all users, automatically mapping your OneDrive for Business WebDav share to a drive letter.
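A read-only pre-flight check for the requirements and install steps above, written as an added example (it is not part of OneDriveMapper). It assumes the page's placeholder host names and the standard Internet Explorer zone-map registry locations; Get-SiteZone and New-Check are hypothetical helper names, and wildcard zone entries are not evaluated.

```powershell
# Added example: read-only pre-flight check; host names are the page's placeholders.
$TenantName = 'tenantname'            # placeholder: your tenant name
$AdfsHost   = 'adfs.yourdomain.com'   # placeholder: only relevant with ADFS or Okta

function Get-SiteZone {
    # Returns the IE security zone assigned to a host (1 = Local intranet, 2 = Trusted sites)
    # or $null when no assignment exists. Policy assignments are checked before user ones.
    param([string]$HostName, [string]$Scheme = 'https')
    $settings = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $policies = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
    $labels = $HostName.Split('.')
    foreach ($hive in 'HKCU:', 'HKLM:') {
        # "Site to Zone Assignment List" policy: value name is the site, data is the zone
        $key = Get-Item -Path "$hive\$policies\ZoneMapKey" -ErrorAction SilentlyContinue
        foreach ($name in "${Scheme}://$HostName", $HostName) {
            if ($key -and $null -ne $key.GetValue($name)) { return [int]$key.GetValue($name) }
        }
        # Per-site entries: ZoneMap\Domains\<domain>[\<subdomain>], value name is the scheme
        for ($i = 0; $i -lt $labels.Count; $i++) {
            $path = "$hive\$settings\ZoneMap\Domains\" + ($labels[$i..($labels.Count - 1)] -join '.')
            if ($i -gt 0) { $path += '\' + ($labels[0..($i - 1)] -join '.') }
            $key = Get-Item -Path $path -ErrorAction SilentlyContinue
            foreach ($name in $Scheme, '*') {
                if ($key -and $null -ne $key.GetValue($name)) { return [int]$key.GetValue($name) }
            }
        }
    }
    return $null
}

function New-Check($Name, $Ok, $Detail) {
    New-Object PSObject -Property @{ Check = $Name; Ok = [bool]$Ok; Detail = "$Detail" }
}

$svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
$results = @(
    New-Check 'PowerShell 3+ (native auth)' ($PSVersionTable.PSVersion.Major -ge 3) $PSVersionTable.PSVersion
    New-Check 'Scripts allowed to run' ((Get-ExecutionPolicy) -ne 'Restricted') (Get-ExecutionPolicy)
    New-Check 'WebClient (WebDAV) service present' ($null -ne $svc) $svc.Status
)
foreach ($h in "${TenantName}-my.sharepoint.com", "${TenantName}.sharepoint.com") {
    $zone = Get-SiteZone $h
    $results += New-Check "Trusted site: $h" ($zone -eq 2) "zone=$zone"
}
foreach ($scheme in 'http', 'https') {
    $zone = Get-SiteZone $AdfsHost $scheme
    $results += New-Check "Intranet site: ${scheme}://$AdfsHost" ($zone -eq 1) "zone=$zone"
}
$results | Select-Object Check, Ok, Detail | Format-Table -AutoSize
```

Run it as the target user on the test machine before the first logon run; entries for exact host names are less permissive than a wildcard for all of sharepoint.com.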
Known limitations
- When using native auth mode, MFA support is still pending
- When using native auth mode, Okta is not supported (until Okta helps me out)
- If you use redirection with restartExplorer set to true, make sure the script runs when the user is fully logged in; restarting Explorer during logon can cause hangs. Best practice: don't enable it, the redirect will work at the next logon for roaming profiles
- Native authentication mode does not work with PowerShell V2 or lower (comes with Windows 7)
I'm not a real programmer; this code is meant as a Proof of Concept. I do not guarantee this product will work in your setup, and I offer no dedicated support. I try to help everyone on a best-effort basis but also have to work for a living. So make sure you test well and understand the code before you use it. Note that although it is unexpected, if Microsoft at some point decides to block WebDav connections to OneDrive for Business, this script may suddenly become obsolete without prior warning. If Microsoft drastically changes login.onmicrosoft.com, the script may also stop working until I can release an update.