Office 2019 and OneDrive
We are going to Office 2019 this summer on Windows 10 v1809. Our machines are AD-joined. We don't have Azure AD. We are looking to see how other colleges and universities are handling the saving of documents inside of Office apps to OneDrive. Is there a way to automatically log the user into OneDrive without the need for Azure AD? How do you handle that the user can add another account in Office apps to save the documents to i.e. Hotmail, Outlook, etc.? We would like to preserve a way that the documents can stay with our university and not save to personal accounts.
We are aware of registry changes via GPO like "SilentAccountConfig", "EnableADAL", and "ClientEverSignedIn". But those will only work with Azure AD.
Thanks for your help,
you need this one
Currently working at a Uni at the moment. We have Azure AD and have opted for cloud saving.
Just a quick thought, OneDrive comes with Office and Windows 10. Might want to consider disabling OneDrive (Groove) in the Office deployment and stick with the Windows 10 OneDrive.
Not sure of the technical pro's and con's for yourself, but food for thought.
You're saying that you "don't have Azure AD" but if you are using Office 365, then you have Azure AD. What you probably mean to say is that your on-premises domain is not federated with Azure. We (Dickinson College) are also not federated with Azure, but we did setup Hybrid Azure AD Join for our Windows systems. In this scenario, your systems are bound to the local Active Directory, but the computer accounts are also created in Azure, so when the user authenticates to on-premises AD, they also receive a token for your Azure AD. More information can be found here:
This is a much less disruptive way to get users authenticating to both your on-premises resources and Office 365 resources. It can be limited to specific OUs, so you can stage the rollout, which also makes it great for testing. Federation, is all or nothing and many of us aren't ready for that, yet.
I'm explaining all of this because you need your users to authenticate to your Azure AD instance (Office 365) in order to use OneDrive. In your current configuration that will need to be done manually per user. The most recent version of OneDrive makes this easier because it can now be installed for all users, but they will still need to run through the configuration process the first time. Some of the group policy settings like forcing folder redirection, files on demand, etc. will be applied, but silent account configuration won't be possible without credentials.