Microsoft Azure is kicking goals. In their 2020 Annual Report, Microsoft announced that “Today, leaders in every industry—including 95 percent of the Fortune...
You have a fleet of mobile and remote devices for your workplace. You have a great setup for SharePoint for your users. But how can you ensure that your users get the up to date SharePoint sites?
Microsoft Intune, the part of Microsoft’s Endpoint Manager service that takes care of cloud-native management seems like the natural fit.
However, configuring Intune to automatically deploy and sync SharePoint sites for your users can be a little tricky. We are here to help.
[Tip: Checkout Microsoft Intune and Autopilot – Managed SOE in the Cloud for more Intune info]
Microsoft Intune – Conditional Access SharePoint Online
Firstly, we want to check that users have their devices enrolled in Intune to begin with, so that they’re compliant with company policy. For this, check that the device is managed and registered with Azure AD and compliant to some compliance policy.
You can find compliance policies under the Intune dashboard via policies. A policy may include items like require a password to unlock a mobile device, disallowing of simple passwords, and a minimum password length.
From here, you’ll need to configure your SharePoint online policy. This is under Policies/Conditional Access in Intune, where you specify to block OneDrive for Business apps from accessing SharePoint Online if they are noncompliant. If you need to set up groups you’ll need to do this first in Azure AD (via 365 admin centre). End users who aren’t yet enrolled in Intune will now be blocked from access.
More information on this process can be found at Microsoft Tech Community.
How the Solution Works
And onto the actual rollout and syncing of SharePoint sites. Be aware that this only works for users running Windows 10 (1709) Fall Creators Update, so devices must be running this version of Windows or later. It should not be applied to fleets of greater than 1000 devices, too.
Firstly, ensure that OneDrive Files On-Demand is switched on. This is under Intune’s administrative templates. Head to the Configuration profiles page under Microsoft Endpoint Manager and create a profile with Windows 10 or later and select Administrative Templates. Choose a name, then User Configuration and select OneDrive to configure the Files On-Demand policy.
Now, sign in to your SharePoint administration and find the library you want to sync. Click the Sync button, but then select Copy library ID.
Now, you’ll need to switch over to Intune and find Configuration profiles again. Create another profile for Windows 10 and later, then Administrative Templates. Once created, enter a name (e.g. Sales Team SharePoint Library). Under the Configuration Settings, choose User Configuration and OneDrive. Then enable the Configure team site libraries to sync automatically policy. Enter the library name you outlined above and in Value paste the library ID you copied before. Click ok. Under the Assignment tab, choose your group of users (the Scope tab should be left on default). Then, select Review and Create to create it.
Should be done now, right?
Well, not always. There’s a hole in their solution! Yes, it’s true. While the Microsoft instructions are published, there is a known bug that plagues admins trying to sync SharePoint sites to company devices. This issue is that the Library ID field that’s required when setting up sync has a character limit – and many SharePoint library address IDs go over this character limit.
*Note: Another problem with this method is that sync may not be reflected for up to 8 hours.
To fix this, you need to enter Powershell and run a script. While this is a little tedious it is a known working workaround. For all the info, you can check out S01E32 – Automating the Syncing of SharePoint Team Site Libraries – (I.T) by Intune Training on YouTube. The code to go along with the fix lives over on their github.
Deploying SharePoint Sites via Intune
It’s not always easy to configure all aspects of your Microsoft rollout, particularly when there are known existing issues that Microsoft themselves haven’t fixed as yet. If you are running into difficulties managing your Microsoft solution or SharePoint Online migration, then ask us if we can give you a hand.
We’re experienced in configuring all manner of complex rollouts, policies, groupings, etc., and we follow Microsoft best practices. We’ll show you all the best tips and tricks, having you feeling like a pro in no time. Contact us today to find out more.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- Technology is evolving faster than ever, allowing us to be far more productive at work. We now have a huge range of services...
- What is a Smart Office? Just picture this: You’re on your way to work, comfy in the back of your self-driving Uber, scrolling...
