Let’s discuss Silently Sign in users to the OneDrive Sync App with their Windows Credentials. The Settings Catalog is one of the most important features in Microsoft Intune, as it provides IT administrators with a wide range of configuration options. The OneDrive section plays an important role in managing how user’s access and store their files securely.
In this post, we are focusing on a specific policy: the option to silently sign in users to the OneDrive sync app using their Windows credentials. This policy is designed to smooth the sign-in process, making OneDrive setup faster and easier for employees.
Organizations turn on this setting to make things easier for users. With silent sign-in, employees can start using OneDrive right away without typing their username and password. This setting is designed to make it easier for users to start using the OneDrive sync app without needing to manually sign in.
It allows OneDrive.exe to silently sign in with the user’s Windows credentials. By doing so, it removes the extra step of typing in usernames and passwords, making the setup process easy. When this setting is enabled, users who are signed in on the PC with their primary Windows account can set up OneDrive quickly.
Table of Contents
What Happens if the Setting is Enabled?
If enabled, users signed in with their primary Windows account (used to join the PC to the domain) can set up OneDrive sync without re-entering their credentials. They will still see OneDrive Setup to choose folders and change the folder location.
Silently Sign in users to the OneDrive Sync App with their Windows Credentials
Above we discussed a lot of this about the policy in an organization by enabling this policy to help to silently signing in users with their Windows credentials, employees can get started with OneDrive without typing in their usernames and passwords. This reduces confusion, saves time, and make OneDrive smoother across the organization.
Now, let’s see how this policy can be deployed through the Microsoft Intune Admin Center. First, go to the Devices section. In Devices, select Configurations. In Configurations, click on the + Create policy option.
- Next, fill in the Platform and Profile type details in the Create profile window.
- Set Platform to Windows 10 and later and set Profile type to Settings catalog.
- Then click Create.
- Enable or Disable Physical Computer Location Support for Printers using Intune Policy
- Prevent Users From Installing Printer Drivers Using Intune
- How to Create Intune Settings Catalog Policy
What are Basics
The Basics tab is the quickest step. Here, you need to enter the basic details such as the Name, Description, and Platform information. Since the platform is already set as Windows and you only need to provide a specific name and description for the policy, then click Next.
How to Deal with Settings Picker
This is the second step of the policy creation. Here, you need to click on the Add setting option. A settings picker window will open. In this window, you can either select the category as OneDrive or use the search option to find it.
In the OneDrive section, you will see 89 settings under the contract category. Scroll down until you find the policy “Silently sign in users to the OneDrive sync app with their Windows credentials.”
- Select this policy, then close the settings picker window.
Disable the Policy
If the policy is not configured, users will not be signed in automatically to the OneDrive sync app with their Windows credentials. Instead, they must manually enter their work or school account details to set up sync. This extra step can cause delays, confusion, or errors during setup.
By default, you should understand that a policy can be either enabled or disabled. In this case, the policy is disabled by default. If you want to keep it in the disabled mode, you have to click Next to continue.
Enable the Policy
You can also enable a policy that is disabled by default. To do this, toggle the switch from left to right. Once enabled, the switch will turn blue and display the label Enabled.
Scope Tags
Now you are on the Scope tags section. Scope tags are used to assign policies to specific admin groups for better management and filtering. If needed, you can add a scope tag here. However, for this policy, I chose to skip this section.
Important of Assignments
Next, you’ll reach the Assignments section, which is a very important step. This is where you decide which user or device groups should receive the policy. In this case, I selected the specific group I wanted to apply the policy to. After selecting the group, click Next to continue.
Understand the Review + Create
Review + Create is the last stage of policy creation. In this step, you will see a summary of all the details, including Basics, Configuration Settings, Assignments, and more. You can review all the information, and if anything needs to be changed, you can go back to the previous steps and edit them easily.
- In the Review + Create section, you will see a Create button.
Monitoring Status
After the policy is created, the main concern is whether it has been successfully deployed. Typically, it can take up to 8 hours for the policy to apply. This is the minimum waiting period. However, you can manually sync the policy through the Company Portal, which helps to apply the policy more quickly. To check if the policy has been successfully deployed.
- Sign into the Microsoft Intune Admin Center.
- Navigate to Devices > Configuration Policies.
- In the Configuration Policies list, look for the policy you created.
- Click on the policy to view its deployment status and detail
Understand the Client-Side Verification
To get the client-side verification, open the Event Viewer and navigate to Applications and Services Logs > Microsoft > Windows > Device Management > Enterprise Diagnostic Provider > Admin. Once there, you can search for specific policy results by using the Filter Current Log feature located in the right pane. This helps quickly get the relevant results within the log.
| Policy Details |
|---|
| MDM PolicyManager: Set policy string, Policy: (SilentAccountConfiq), Area: (OneDriveNGSCv2 ~Policy~OneDriveNGSC), EnrollmentlD requesting merqe: (EB427D85-802F-46D9-A3E2- D5B414587F63), Current User: (Device), Strinq: (), Enrollment Type: (0x6), Scope: (0x0). |
How to Remove Policy Group
Start by navigating to the Monitoring status page via Devices > Configuration. Search for the policy by name and click on it to open its monitoring details. Scroll down to the Assignments section and click Edit. This will take you back to the policy’s assignment settings.
- From here, you can remove the group you no longer want the policy to apply to.
For detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
Delete the Policy
To delete a policy in Microsoft Intune, first sign in to the Microsoft Intune Admin Center. Navigate to Devices and then select Configuration. Locate and select the specific policy you want to remove. Once you’re on the policy details page, click the 3 -dot menu in the top right corner and choose Delete from the available options.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.