OnedriveMapper changelog


1-4-2015: Added check for ProtectedMode, autodisable it at the start of the script, reset it to the old values after the script is done.

2-4-2015: Added a DriveLabel parameter to set the drive’s label

13-4-2015: Made the DriveLabel permanent, and enhanced messagebox functionality

22-4-2015: You can now specify a username in the script, this is useful if your machine is not domain joined but your company uses ADFS. Same goes for the password. The script can now also map additional libraries under names other than Documents.

8-5-2015: Added functionality to automatically detect the required user URL, instead of using the login name because login names can change, but the OneDrive URL doesn’t change unless specifically requested. (useful if someone marries). Also removed the MaxAttempts setting and added automatic removal of broken driveletters

22-5-2015: Added support for Windows 10!

26-6-2015: Enhanced Windows 10 support for ADFS and Azure Workplace Join. Removed the need to configure ADFS, this is now autodetected. Added builtin support for Sharepoint Document Libraries. Enhanced error and session handling and logging.

08-07-2015: Added checks and logging to verify Sharepoint is in Trusted Sites, Office is installed and Webdav file locking is disabled.

30-07-2015: Added a check if explorer.exe is running before mapping, and an option to restart explorer. exe after running if drives are invisible.

07-08-2015: Added a check for the login splitter MS uses when your account is both known in Office 365 (Azure AD) and as a Microsoft Security Account.

21-08-2015: Fixed a small bug that would cause the script to get stuck in a loop when explorer.exe is not running.

01-09-2015: 2.0 beta: added a better restart for explorer.exe, and added a restart for iexplore.exe, it has been reported that iexplore.exe can’t be running when the script first starts, this causes security issues. Also enhanced the process checks and restarts to only affect the user’s own processes (essential on TS/Citrix)

02-09-2015: Added autofocus to the password input textbox (thanks Shane!), improved the file and drive existence check (thanks Allan!) and added a check in the username detection to ensure the script waits for a redirect.

11-09-2015: changed the autoProtectedMode functionality from an array to a hashtable.

28-10-2015: Fixed a Citrix related bug, revamped ADFS redirection detection and handling, reduced some timeouts and added an IE FirstRun check

14-11-2015: The adfs redirection detection proved…..troublesome for older browsers and different language implementations. I’ve changed it to a more robust method. I’ve also removed the logout in the first part of the script.

23-12-2015: Enhanced the check if the driveletter exists to include the path it was mapped to, so if a driveletter already exists but is not mapped where it should, the script will delete and remap the driveletter. And some minor bug fixes.

19-01-2016: Added support for mapping an unlimited number of Sharepoint libraries in addition to O4B, and a switch to only map sharepoint libraries.

22-01-2016: Added a fix for users who are local admin and have UAC disabled. Normally, drives mapped through group policy would be invisible because they are mapped under an elevated user and explorer is not elevated. Thanks to Jason for researching this!

29-01-2016: Added multi-domain cookie registration (persistent) for when mapping both O4B and Sharepoint in a single run

08-02-2016: Minor bugfixes / detection updates and added option to open a custom URL after running (useful when you have a website opening through GPO but want to use AutoKillIE = $True.

30-03-2016: Added support for Auto-Acceleration in Sharepoint Online / O4B. This also fixes any issues users may have with persistent mappings when they are already signed in when the script runs.

21-04-2016: Added a custom login prompt, more error logging and switched to using IHTML3 Document Interface

28-04-2016: Added support for AD Security Group to Site mappings, changed Elevation Mediation method to Scheduled Tasks, changed logging method to both screen and file, ensured passwords with a $ in them still get passed when using forcePassword.

02-06-2016: added an option to use the Email field in AD instead of the UPN to log in to Office 365, some refactoring for efficiency and a number of bugfixes

26-07-2016: added a password save function to save a user’s password to file when not using ADFS. The cached data will be used until Office 365 throws an error. Also improved the My Documents redirection, the script is hereby no longer dependant on external Libraries to redirect your My Documents library.

29-08-2016: Added a warning when doing redirection while restart_explorer is disabled (whilst required),retry COM object creation if it fails, fixed document redirection if already mapped, removed setAsHomedir option

#V2.39: Folder redirection support for Windows 10, including My Pictures, My Music and My Videos, note: this makes redirection redirect to a subfolder instead of the root by default unless you change $redirectMyDocsName
#V2.39: autodetection of kb2846960 installation status
#V2.39: added msafed=0 parameter to the login url for O365 to avoid prompts to use a Personal account (thanks for suggesting this Dimos!)
#V2.40: Office dependency removed, added automatic detection of user login in Windows 10 Azure Ad Joined devices
#V2.41: SSO when using Windows 10 Azure AD Join (userLookupMode 3)
#V2.42: Additional username detection method added for userLookupMode 3, ESR is no longer required
#V2.43: longer SpO cookie generation wait time and logging of URL
#V2.44: bugfix in username selection mechanism when using forceUserName
#V2.45: longer AutoLogon for option 3 wait time, better SpO cookie generation check (url vs timer based)
#V2.46: handle AzureAD ‘additional verification required’ prompt and use $adfsWaitTime to also wait for AzureAD SSO
#V2.47: added a progress bar (thanks for the example Jeffery Hicks @
#V2.47: added autostart webdav client trick
#V2.48: added automatic version check
#V2.48: added slightly more robust password caching method
#V2.48: added adfs non-UPN signin option
#V2.48: added ADFS password caching
#V2.49: retry in case of 404
#V2.49: progress bar shows a little more detail
#V2.49: cache user login when mode is set to 4
#V2.49: fixed a small bug when asking for password
#V2.50: logging with timestamps
#V2.50: also attempt to do SSO when userlookupMode is set to 1 or 2 instead of 3 (to make AADConnect SSO go more smoothly)
#V2.50: Powershell 2 and lower-friendly method to do web requests (JosL-WebRequest)
#V2.50: Changed display of the progress bar to be less ‘in your face’
#V2.50: Automatically prevent IE firstrun wizard if needed
#V2.51: Automatically remove and re-add AzureADConnect SSO registry keys to work around sso issues with non persistent cookies
#V2.51: only do KB check for < windows 10 and < IE 11 and log OS and IE version
#V2.52: almost all IE object interactions moved to functions
#V2.53: map O4B before browsing to SpO sites to prevent cookie invalidation (in response to MS changes)
#V2.54: implementation of OnedriveMapper Cloud connection
#V2.54: security group matching regex fix
#V2.55: optionally, delete already mapped drives
#V2.56: do not attempt to use AzureAD SSO PT
#V2.56: optionally, retrieve settings/config from Cloud (
#V3.00: cache cloud settings locally in case cloud is down
#V3.00: native AzureAD auth without IE, a new parameter was introduced for this called authMode
#V3.00: auto updater (only for Cloud version)
#V3.01: added debug log file for native auth mode
#V3.01: more logging
#V3.02: new baseURL to avoid issues with users that have a customized O365 App or SpO
#V3.02: support for ADFS SmartLinks
#V3.02: redirect favorites
#V3.02: secondary cookie validation method
#V3.02: manually retrieve cookies from http headers to work around a bug in PS v2
#V3.02: don’t check for hotfixes when using native auth mode
#V3.03: workaround for cookie bug in PS v2 part 2: works for Onedrive, not for Sharepoint Online
#V3.03: fix in autoprovisioning of Onedrive for just licensed users using native auth
#V3.03: check if PS v3 or higher is installed when using Native auth
#V3.04: reset logfile if it becomes too large
#V3.04: optionally, don’t map persistently
#V3.04: userLookupMode 5 was replaced, it now looks at this registry path for your username: HKCU:\System\CurrentControlSet\Control\CustomUID\Office365Login, if you wish to use this mode, populate this key
#V3.04: fixed an issue in password encoding (spaces)
#V3.05: optionally, add a favorites link in explorer to Onedrive for Business
#V3.05: switch auth mode and retry (fallback mode) optionally
#V3.05: compile c# in memory instead of running from disk (works better with AppLocker ‘n such)
#V3.05: automatically uncheck ‘Autodetect proxy settings’ in IE
#V3.05: trusted sites list check changed: also count protocol wildcards as OK vs just https, and no longer check for and
#V3.05: truly hide the window (powershell ‘feature’ override when running from GPO), if $showConsoleOutput = $False
#V3.06: userLookupMode 6 added, which displays a full and customizable login form to the user which asks for username and password
#V3.06: added user login caching for userLookupMode 1 and 2, so the script won’t fail if the user is roaming and the login is cached
#V3.06: fixed a reference to my test domain in Azure AD PassThrough (
#V3.06: fixed a crash when ADFS denies the request in native mode (now properly falls back to IE auth mode if allowed)
#V3.06: first basic support for Azure AD SSO, sometimes throws an STS error for unknown reasons when run in rapid succession
#V3.07: add TLS v1.2 as default method (Powershell uses v1.0 by default)
#V3.07: only handle AzureAD SSO registry keys when running in IE auth mode
#V3.07: urlencode the canary token for native auth
#V3.07: prevent usage of Native auth mode on PsV2 (automatically switch to IE mode)
#V3.07: MSI installer now also overwrites config code in non-default .ps1 files
#V3.07: properly fall back to correct cookie location if the normal location isn’t available
#V3.08: fixed a crash when restarting after auto updating if the progress bar is disabled
#V3.08: fixed a check when auto redirected to Onedrive for Business (smartlink or tenant setting) and using native auth
#V3.08: moved autoDetectProxy to online config and main parameters
#V3.08: changed logic of folder redirection, desktop and favorites now have their own on/off switch
#V3.08: redirectMyDocsTo renamed to redirectToSubfolderName