Category Archives: OneDrive for Business

OnedriveMapper v3 support for Cisco Duo MFA

V3.24 of OnedriveMapper is now available for download.

Cisco DUO MFA support in OnedriveMapper
  • Support for Cisco Duo MFA Push messages and physical tokens
  • Session persistence between logins (reduces login frequency)
  • Progress bar progression fix
  • Tertiary Favorited Sites default doclib detection method
  • Fix for favorited sites with unsafe characters in their URL

Unsharing Orphaned Onedrive for Business sites with active sharing links

When a user leaves the organization, their Onedrive folders/files remain until either the user is permanently deleted or the retention policy covering their data expires.

Many organizations have set up a retention policy in Office 365 to retain data in Onedrive for several years, sometimes even indefinitely.

Few know, that as long as you retain a user’s onedrive, the files and folders that were shared, by default, remain shared and accessible by those they were shared with, including externals.

This is often undesirable, and can easily be remediated by running a very simple unshare-orphanedOnedriveForBusinessSites.ps1 PowerShell function I’m hereby sharing with you 🙂

Above function detects all Onedrive Sites that no longer have an active associated user, and disables any sharing links on them.

The actual line that unshares an individual site could also be used directly if you have an automatic offboarding process.

Onedrive for Business sync error monitoring and auto remediation

With the introduction of Onedrive Sync Heath in the Office portal, we have a much improved view on sync errors of our users. Errors they may not even be aware of.

However, there is no remediation option, so I am sharing a framework based on previous work in Proactive Remediations that can report on the Onedrive client status and trigger a remediation, which looks like this:

Currently, the only remediation method is to restart the Onedrive client, but the script is easily adjusted for additional remediation actions or conditions the community deems useful.

When Paused or Disabled are detected, there is no remediation as this is not technically an error but something the user manually set. This can be adjusted to your local needs easily.

You can find the Proactive Remediation script on Gitlab:

https://gitlab.com/Lieben/assortedFunctions/-/blob/master/remediate-O4BClient.ps1

To use it, follow the steps in my previous article using proactive remediations (LAPS).

the only difference with LAPS config is that the script should run in user context:

The detection and remediation scripts are the same, the script is smart enough to detect if it is running in detection or remediation mode.

Credits go to Rudy Ooms for writing about the different status codes of the Onedrive client 🙂

Redirecting anything to Onedrive for Business

A while ago I wrote a script that can mount Teams Libraries and then redirect any local folder to them.

In many situations, this solution is a little overkill though, so I’ve also created a second version which simply allows you to redirect any local folder (including variable paths!) to any location in a user’s Onedrive folder.

The configuration is set through the registry, an example file is included.

It can be used as a onetimer or as logonscript, and it can also be used to migrate existing content or create hard links for specific local appdata folders.

OnedriveMapper 4.04 with auto reconnect

Version 4.04 OnedriveMapper now automatically reconnects drives (of any type) when the cookie expires. No more ‘broken’ mappings! The script is smart enough to detect if its just a connectivity issue (= do nothing) or an actual drive issue.

All improvements since 4.00:

  1. Auto Remap (automatically reconnect disconnected drives)
  2. Block the IE firstrun wizard properly
  3. Bugfix: properly handle existing shortcuts instead of throwing an error
  4. Increase Converged Drive (single mapping with sub-mappings) reliability
  5. Better cleanup of existing mappings
  6. Always force the ‘keep me signed in’ option
  7. Support for root-level mappings