This blog post will provide step-by-step instructions to configure OneDrive auto sign-in using Intune. Enabling auto sign-in ensures that users are seamlessly connected to their OneDrive accounts without having to manually authenticate each time they log on to a Windows device. A similar policy for Outlook is also available, refer to the post for more details on this: Setup Outlook Auto-Login with Intune.
This not only improves the user experience by providing instant access to personal and work files stored in the cloud but also enhances productivity by enabling file synchronization and collaboration immediately after login. We will walk through the required Intune policy configuration, recommended setting, and validation steps to ensure that OneDrive is ready to use as soon as a user signs in.
Below are the details of the Intune Settings catalog policy we will use to configure OneDrive Auto sign-in.
| Profile type | Category | Setting | Status |
|---|---|---|---|
| Settings Catalog | OneDrive | Silently sign in users to the OneDrive sync app with their Windows credentials | Enabled |
Contents
Create OneDrive Auto Sign-in Intune Policy
- Sign in to Intune admin center > Devices > Windows > Configuration > Create > New Policy.
- Platform: Windows 10 and later
- Profile type: Settings catalog
- Click Create.
- On the Basics tab, provide a Name and Description of the policy and click Next.
- On Configuration settings tab, click on + Add settings and use the Settings picker to search using OneDrive keyword and select OneDrive category. Then Select Silently sign in users to the OneDrive sync app with their Windows credentials policy setting.
This setting lets you silently sign in users to the OneDrive sync app (OneDrive.exe) with their Windows credentials. If you enable this setting, users who are signed in on the PC with the primary Windows account (the account used to join the PC to the domain) can set up the sync app without entering the credentials for the account. Users will still be shown OneDrive Setup so they can select folders to sync and change the location of their OneDrive folder. If a user is using the previous OneDrive for Business sync app (Groove.exe), the new sync app will attempt to take over syncing the user’s OneDrive from the previous app and preserve the user’s sync settings. This setting is frequently used together with “Set the maximum size of a user’s OneDrive that can download automatically” on PCs that don’t have Files On-Demand, and “Set the default location for the OneDrive folder.” If you disable or do not configure this setting, users will need to sign in with their work or school account to set up sync.
About Silently sign in users to the OneDrive sync app with their Windows credentials
- Scope tags: Click Next
- Assignments: Assign this policy to an entra security group containing users or devices. It’s a best practice to test the policy on a few users/devices first. If it’s working fine, then extend it further.
- Review + create: Review the policy settings and click on Create.
Monitoring Remove Security Tab Intune Policy
- Sign in to the Intune admin center > Devices > Configuration.
- Select the Device Configuration profile you want to work with, and at the top of the page, you’ll see a quick view of the Success, Failure, Conflict, Not Applicable, and In Progress status.
- Click on View report to access more detailed information.
Sync Intune Policies
The device check-in process might not begin immediately. If you’re testing this policy on a test device, you can manually kickstart Intune sync from the device itself or remotely through the Intune admin center.
Alternatively, you can use PowerShell to force the Intune sync on Windows devices. Restarting the device is another way to trigger the Intune device check-in process.
End User Experience
After the Intune policy is successfully applied, you should notice that OneDrive automatically signs in using the user’s credentials. In my case, it took a couple of minutes for OneDrive to pick up the policy, but it eventually worked. Click on OneDrive icon in the system tray to check and confirm this.
You can also use event viewer to check and confirm if the Intune policy has been applied successfully.
- Open Event viewer on your device and navigate to Application and Services logs > Microsoft > Windows > Devicemanagement-Enterprise-Diagnostics-Provider > Admin.
- Filter the logs for Event ID 814 and search through the events to find the one related to your deployment.
