Office 2019 and OneDrive
We are going to Office 2019 this summer on Windows 10 v1809. Our machines are AD-joined. We don't have Azure AD. We are looking to see how other colleges and universities are handling the saving of documents inside of Office apps to OneDrive. Is there a way to automatically log the user into OneDrive without the need for Azure AD? How do you handle that the user can add another account in Office apps to save the documents to i.e. Hotmail, Outlook, etc.? We would like to preserve a way that the documents can stay with our university and not save to personal accounts.
We are aware of registry changes via GPO like "SilentAccountConfig", "EnableADAL", and "ClientEverSignedIn". But those will only work with Azure AD.
Thanks for your help,
Andy
Answers (4)
you need this one
Comments:
-
Thank you for the response. I am not sure how that link is supposed to help me. - AAnschutz 5 years ago
-
Read the article. For how you described the way you want one-drive to work you want the one for business.
How is OneDrive for Business different from OneDrive?
It's all OneDrive, which means you use the same apps to sync files down to your Windows PC or Mac, or get to your files from your Android or iOS device. You just sign in with your work or school account to use OneDrive for Business, or sign in with your Microsoft account to use OneDrive personal.
OneDrive is online personal storage that you get when you set up a Microsoft account to use services such as Outlook.com or Xbox. Use OneDrive to save documents, photos, and other files in the cloud, share them with friends, and even collaborate on content. When you subscribe to Office 365, you get 1 TB of storage and premium OneDrive features.
OneDrive for Business is online storage for work or school. Your OneDrive for Business is managed by your organization and lets you share and collaborate on work documents with co-workers. Site collection administrators in your organization control what you can do in the your OneDrive library. - SMal.tmcc 5 years ago-
OneDrive for business is actually Sharepoint. it is FAR different than OneDrive for personal use. - sratliff 5 years ago
Currently working at a Uni at the moment. We have Azure AD and have opted for cloud saving.
Just a quick thought, OneDrive comes with Office and Windows 10. Might want to consider disabling OneDrive (Groove) in the Office deployment and stick with the Windows 10 OneDrive.
Not sure of the technical pro's and con's for yourself, but food for thought.
Comments:
-
Thanks for the response. In my Office 2019 installation, I have excluded Groove already. But I didn't exclude OneDrive for Desktop. Since Windows 10 1809 comes with OneDrive already, perhaps I don't need to include OneDrive Desktop as well. Thanks for the thought. - AAnschutz 5 years ago
You're saying that you "don't have Azure AD" but if you are using Office 365, then you have Azure AD. What you probably mean to say is that your on-premises domain is not federated with Azure. We (Dickinson College) are also not federated with Azure, but we did setup Hybrid Azure AD Join for our Windows systems. In this scenario, your systems are bound to the local Active Directory, but the computer accounts are also created in Azure, so when the user authenticates to on-premises AD, they also receive a token for your Azure AD. More information can be found here:
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan
This is a much less disruptive way to get users authenticating to both your on-premises resources and Office 365 resources. It can be limited to specific OUs, so you can stage the rollout, which also makes it great for testing. Federation, is all or nothing and many of us aren't ready for that, yet.
I'm explaining all of this because you need your users to authenticate to your Azure AD instance (Office 365) in order to use OneDrive. In your current configuration that will need to be done manually per user. The most recent version of OneDrive makes this easier because it can now be installed for all users, but they will still need to run through the configuration process the first time. Some of the group policy settings like forcing folder redirection, files on demand, etc. will be applied, but silent account configuration won't be possible without credentials.
Top Answer
Thank you everyone for your insights. We have decided to not include OneDrive at the moment. Once we get through the summer reimaging of labs and classrooms, I will be researching more of this option and see if we will be able to use OneDrive in the future. Thank you once again.