OneDrive for Business (OD4B) is a key workload in Office 365 and can be an integral part of your collaboration strategy. OD4B provides a cloud location to store, share, and sync your work files and then work with them from any device. Microsoft has spent a lot of effort to get a rock-solid solution including a well-oiled sync engine together.
3. EVALS / PRIZES
Bring all items to the 6th Info Desk
• Bingo Cards = how you win prizes at the
end of the event.
• The cards must be stamped by ALL the
Sponsors by the last session (4pm)
• Fill out speakers evaluations (located in
the front of the rooms
• Fill out the event evaluations
27 in Curved Samsung
Lenovo IdeaPad
Name your game bundle
4. THANK YOU
EVENT SPONSORS
We appreciated you supporting the
New York SharePoint Community!
• Diamond, Platinum, Gold, & Silver have
tables scattered throughout
• Please visit them and inquire about their
products & services
• To be eligible for prizes make sure to get
your bingo card stamped by ALL sponsors
• Raffle at the end of the day and you must
be present to win!
5. Beer Authority
300 W 40h St
[across the street]
Join us for a round of drinks & some
appetizers
http://www.beerauthoritynyc.com
6. OneDrive for Business Intro
When to use it
Administration
All about sync
Awareness & Insights
Security
Managing
OneDrive for Business
SharePoint Saturday NYC 2017
Survey
10. OD4B Admin Basics
Each user gets it’s own site collection under /personal path
Site collection created first time users accesses it
1 TB of storage per user -> qualifying plans can have more
Comes with O365 SKU’s or purchased separately
Administration closely connected with SharePoint Online settings
13. OneDrive Admin Center
Manage
• Sharing
• Sync
• Storage
• Device Access
• Compliance
• Notifications
Important
• You must allow access to onedrive.com
https://admin.onedrive.com
14. SharePoint Admin Center
• Show or Hide OD4B app launcher tile
• Set default OD4B experience to new or classic
• Show or Hide OD4B sync button
• Allow or Disable OD4B mobile push notifications
• Set secondary administrator for new sites
• Set secondary owner when a user’s manager cannot be
determined
https://domain-admin.sharepoint.com
15. External Sharing
Sharing for OD4B can be MORE restrictive but not LESS restrictive than SPO
If sharing turned off globally in SPO any shared links will stop working
Sharing Options
Only existing external users (sign-in required)
New and existing external users (sign-in required)
Anyone, including anonymous users (on by default)
Your SharePoint Online sharing
settings determine which OneDrive
sharing settings are available
Setting Sharing in OD4B Admin Center
affects SPO
16. Set External Sharing Limitations
Default link type
Direct links
Only users who have specific permission
Internal Links
Only users within your organization
Anonymous access links
Anyone with a link
Anonymous access link expiration
Up to 2 years / 730 days
The following settings apply to both SPO and OD4B
Anonymous access link permission
View & Edit or View Only for files
View, Edit & Upload or View Only for folders
Limit by domain
Allow or block on selected domains
Other
Must accept using same account
Let external users share items they don’t own
19. Sync Client
OneDrive sync client (NGSC)
vs
Groove sync client
NGSC can sync OD4B and SPO libraries
NGSC does not work for on-premises
Can run both clients simultaneously
NGSC support for Mac
20. Sync Client Restrictions (NGSC)
Invalid characters
<, >, :, ", |, ?, *, /,
Strings in filenames
Icon, .lock, CON, PRN, AUX, NUL
COM1-9, LPT1-9
Folder names
_t, _w
“forms” at the root level
Number of items
Performance declines after 100,000 files
Size limit
15 GB
Other
Can’t add network/mapped drive as sync location
Can’t sync Shared with Me view
Can’t sync as an external user
IRM synced as read-only
No differential sync
Checkout & required columns synced as read-only
https://support.microsoft.com/en-us/help/3125202/restrictions-and-limitations-when-you-sync-files-and-folders
21. Sync Administration
Hide the sync button
Helps users install & set up
Allow sync to specific domains
Add GUID of each domain
Block sync of file types
Example: mp3
Do not include periods or punctuation
OneDrive Admin Center
22. Sync Administration
Coauthoring & in-app sharing
Office 2016/2013
Delay updates until 2nd wave
Add GUID of each domain
Prevent changing location of sync folder
Occurs during welcome wizard
Group Policy Set default location of sync folder
Default, the path is under %userprofile%
Prevent sync of personal OneDrive
Microsoft OD account
Handle Office files in conflict
Merge or keep both / always keep both
Set maximum % of upload bandwidth
Prevent remote file fetch feature
Using Microsoft OD account
25. Deployment
Software requirements
Windows 7, 8, 8.1, 10
Sync client included in Windows 10
Plan
Phased is ok
Provide communication
Use enterprise deployment tool
MS System Center Configuration Manager
OneDrive NGSC deployment guide
How to deploy NGSC with SCCM
Deploy admin settings
Use OneDrive.admx and OneDrive.adml
Download with OneDrive Deployment Package
Assisting sign in
odopen://launch
odopen://sync?useremail=email@domain.com
%localappdata%MicrosoftOneDriveOneDrive.exe
26. Deployment - Transitioning
If using Groove.exe (old)
OneDrive sync automatically takes over sync if possible
During a “takeover”
Groove.exe stops sync
OneDrive starts sync without re-downloading
Groove.exe stops running and removes from auto
start
Deploying a takeover
Automatically transition without user interaction
User must be signed in to OneDrive sync
OneDrive.exe /takeover
27. Deployment – Pre-provisioning sites
Build a users OneDrive for Business site before they try to access it
User PowerShell info listed on TechNet
29. Admin Goodness – OD4B Admin Center
Storage
Set default storage for all new and existing users
Set retention of files after user marked for deletion up to 10 years
Notifications
Display device notifications when files shared with them
Email owners when
Other users invite additional external users to shared files
External users accept invitations to access files
An anonymous link is created or changed
30. O365 Admin Center by User
Grant Yourself Access
View Quota
Set Sharing
Initiate Sign-out
31. What if someone leaves?
Access
Default sets ownership to manager declared in user profile
Follows access delegation set in SP Admin Center
Cleanup
If user profile manually deleted the site won’t be deleted
Email sent on initial assignment and 7 days prior to retention
If site is on eDiscovery hold the site won’t be deleted
Deletion of user account in Azure AD is only thing to trigger
33. Device Access – OD4B Admin Center
Control access based on network location
Allow access only from specific IP addresses
One IP address per line
No overlapping IP addresses
Control access from apps that don’t use modern auth
Without modern auth, can’t enforce device-based restrictions
Some 3rd party apps
Office versions prior to 2013
34. Device Access – OD4B Admin Center
Mobile apps
Requires Intune or EMS
Admin account requires Intune
license
35. Data Loss Prevention (DLP)
Managed in O365 Security &
Compliance Center
Helps identify and protect content from
inadvertent disclosure
Runs on search
After you create a DLP policy in the Security &
Compliance Center, it’s stored in a central policy
store, and then synced to the various content
sources
36. Data Loss Prevention (DLP)
Pick info to protect
Build in policy templates
Custom policy
40. Labels (retention)
Managed in O365 Security & Compliance Center
Classify data and enforce retention rules
Apply manually or automatically based on sensitive information or keyword queries
Auto apply requires E5
Content can only have 1 label
Auto apply can take 7 days
Can apply to:
Outlook
OneDrive for Business
SharePoint
O365 Groups
45. Activity Reports
View by
Number of files by
Viewed/edited
Synced
Shared internally
Shared externally
Number of users by
Viewed/edited
Synced
Shared internally
Shared externally
46. Audit Log Search
Unified audit log across SharePoint, OneDrive, Azure AD,
Exchange, Sway, Teams, Yammer
Must turn on audit logging (soon set to default)
Data exists for 90 days
Can take up to 30 minutes
to 24 hours to show up
47. Audit Log Search
Handy things that are audited
Deletes file/folder from second stage
recycle bin
Created an anonymous access link
User initiates sync or is blocked from a
sync
48.
49. • xxxx
Help Contribute &
Stay Informed!
OD4B UserVoice
https://onedrive.uservoice.com/forums/262982-onedrive/category/86090-onedrive-for-
business
Microsoft Tech Community
https://techcommunity.microsoft.com
Office 365 Roadmap
https://fasttrack.microsoft.com/roadmap
Office Blogs
https://blogs.office.com/
Office 365 Admin Center – Message Center
https://portal.office.com/AdminPortal
Office 365 for IT Pros
http://exchangeserverpro.com/ebooks/office-365-for-it-pros