Last year I did a blogpost on How to deploy OneDrive Known Folder Move with Intune that uses the Intune Management Extension to deploy a PowerShell script – that one is still working and you can see all the detailed information from my blog post on Known Folder Move. I found that in production this works well, but in some cases it takes some time to get the settings on the device. do the the installation of the Intune Management Extensions – and it can be the same issue when using Windows Autopilot reset, that there can go some time before the Intune Management Extention is getting installed on the device again.

So what is the other option than using PowerShell – it is ADMX based policy in Intune that is build in with Windows 10 – this is what this blogpost is about.

To get started you need some information:

You need the onedrive ADMX from you local drive %LocalAppData%\Microsoft\OneDrive\18.192.0920.0012\adm  – where you need to change the OneDrive version number with the one you have on your device.

You need the hole content from the OneDrive.admx file

How to create the policy in Intune:

Start the M365 Device Management Portal 

1. Select Device configuration
2. Select Profiles
3. Select Create profile

1. Name : OneDrive.admx
2. Description : Enter the version number for the OneDrive XML
3. OMA-URI : ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/OneDriveNGSC/Policy/OneDriveAdmx
4. Data Type : Select String
5. Value : Copy the content on the OneDrive.admx file

You need to create 4 more row of OMA-URI Settings:

One:

1. Name : OneDrive.admx
2. Description : Enter the version number for the OneDrive XML
3. OMA-URI : ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/OneDriveNGSC/Policy/OneDriveAdmx
4. Data Type : Select String
5. Value : Copy the content on the OneDrive.admx file

Two:

1. Name : SilentAccountConfig
2. Description : Silently configure OneDrive using the primary Windows account
3. OMA-URI : ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC~Policy~OneDriveNGSC/SilentAccountConfig
4. Data Type : Select String
5. Value :

Three:

1. Name : KFMOptInNoWizard
2. Description : Prevent users from redirecting their Windows known folders to their PC
3. OMA-URI : ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC~Policy~OneDriveNGSC/KFMOptInNoWizard
4. Data Type : Select String
5. Value : 

Four:

1. Name : FilesOnDemandEnabled
2. Description : Enable OneDrive Files On-Demand
3. OMA-URI : ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC~Policy~OneDriveNGSC/FilesOnDemandEnabled
4. Data Type : Select String
5. Value :

Or we can just to it with a import script:

First we need the .\DeviceConfiguration_Import_FromJSON.ps1 from Github 

Second you need the .json file to import into your Intune from Github

Start by running the DeviceConfiguration_Import_FromJSON.ps1

Then do the authentication. The script will test if you have the AzureAD PowerShell module or the AzureAD preview one. If you do not have installed it – you will be asked to install it and run the script again.

Then you will be asked for the .json file ADMX–OneDrive.admx-KFM.json

Then it will import and create the policy directly in Intune

Then you can see the OneDrive profile in Intune and deploy it to your users

Happy testing