In this blog post, we will discuss the steps to configure Group Policy to automatically sign in users to OneDrive also knows as Silently Configure.
OneDrive is a cloud-based storage service that allows users to store, share and sync files across multiple devices. With the increasing popularity of OneDrive, many organizations are looking for ways to streamline the process of signing in to OneDrive. One way to accomplish this is by using Group Policy to automatically sign in users to OneDrive.
Configuring users to auto sign in to OneDrive is a three way process with the following requirements:
- Azure AD Connect configuration
- Group Policy ADMX template
- Hybrid Azure AD Joined
Without the above three requirements auto sign in will fail.
To enable auto sign in on client machines using group policy we need to copy the OneDrive ADX templates to our Domain Controller central store or local store.
You will find the ADMX template on any Windows 10 or 11 machine that has the latest OnrDrive app installed. The template location is below.
C:\Program Files\Microsoft OneDrive\23.038.0219.0001\adm
Copy the two files below to your central store or local store.
If you don’t have a Group Policy central store, copy the files to your local DC and open the Group Policy management console.
In GPMC, go to
Computer Settings -> Administrative Templates -> OneDrive
The settings that configure Auto login is called:
Silently configure OneDrive using Windows 10 or domain credentials
Double click on the setting and click enabled.
Link the GPO to where your computers are located.
Configure Hybrid Azure AD
The next we need to follow is to enable Hybrid Azure AD joined that will register the machines in Azure AD.
We enable Hybrid Azure AD Joined from the Azure AD console. To do so, login to your Azure AD Connect server and open the console.
From the configuration wizard, click on Configure device options.
From the Device option menu, click on Configure Hybrid Azure AD join.
Select Windows 10.
Close the configuration wizard and start the sync.
For auto login to work the devices needs to be fully registered. To check if a device is fully register open the Azure AD console from the portal.
Click on All devices.
Located your device and make sure the Join Type is set the Hybrid Azure AD Joined.
At this stage, if you log in to your Windows 10 or 11 machine OneDrive should logged the user automatically. This configuration will also configure Microsoft Teams to auto login it as well.
Leave a Reply