Reconfiguring the OneDrive for Business Desktop Application

T2T Migrations – Relinking OneDrive for Business

In short, the user must unlink their OneDrive for Business client and relink it – but there will be remnants…

How smooth that is, depends on good upfront communications, the end-user IT maturity, when and how you decommission the users’ access to the source tenant data, and what their identity is set to in the target.

As yet, we have not come across a publicly available tool that a user can run that will fix / migrate their OneDrive for Business profile yet. We’re currently investigating writing a tool for this purpose.  A potential automation option is listed at the bottom of this document.

Notes on unlinking OneDrive for Business

ALL business accounts are unlinked including any other organisations users may be connected as part of ongoing collaboration.

Remnant files

Any files that were set as “Always keep on this device” (locally available) will remain on the Workstation after unlinking.  Meaning the user will inevitably have two copies of the same data when they link up OneDrive again.  This could lead to the users’ working in the wrong files, or dragging the whole lot to their new OneDrive “just in case”

After unlinking, if they had been set as “Clear space” then they will disappear from the Workstation

Typical cutover event:

SMPT Domain Name: remove and re-add

OneDrive client updates UPN changes

If you are taking over the SMTP Domain name(s) and keeping those same UPNs in the target, then you will also be removing those values  from users in the source and updating them with another UPN suffix, probably the MOERA value – username@tenant.onmicrosoft.com At least for a small time whilst you are in post-migration hyper-care period.

When you change a UPN in Office 365, OneDrive for Business client is aware of this and automatically updates itself to reflect this change and continues to work seamlessly for the user.

So before the users’ even get to the point where they will unlink and relink their OneDrive for Business Desktop App, ODfB will actually recognise that the source UPN has changed.

If you change a UPN look carefully you will see that the username settings have been updated in the App. (Just like the URL endpoint gets updated at some point)

Figure 1 UPN Change flows through

Business as usual right?

So on the Monday morning when the users come in, if they don’t immediately unlink their ODfB, and why would they it’s just sitting in the system tray looking normal so the users don’t believe there is anything to do, they will just continue to use the legacy OneDrive data.

If they double click the icon in the system tray etc or go to Windows Explorer they will open their normal cached local folder data.  If they choose view online, it will work perfectly (in their eyes) but they will be taken back to the SOURCE tenant.  Same on mobile devices.

For Mobile Devices we always recommend deleting the Outlook and OneDrive App completely and re-installing from the respective App Store

How to stop this (working as designed) behaviour?

Block Users is the best way.

Remove the Office 365 ODfB Licence

Well you can just remove the licenses, right?  Well actually no.  What we have seen is that once a user has ever been granted a SharePoint / OneDrive licence they can always get back to that data, assuming they were permissioned for it in the first place.  The URL still exists for 30 days (and longer for lithold)

Change the password and block sign-on

Change the password and block the users is your best bet.  The downside to this is that you will need to ensure that you are no longer syncing identities (as the blocked user and password details will flow unless you are doing some good attribute re-writes or filtering).  Also, if you need / want users to have the ability to go back and check old data (a common workaround post migration), then you can’t.

Unlinking OneDrive for blocked users

Timing is everything.

If you block the user for sign in, BEFORE they unlink their OneDrive, then previously they could not actually get to the settings because they can’t actually load OneDrive.

This seems to have been resolved now though with later versions of OneDrive thankfully, otherwise an uninstall and reinstall was required.

Your account has been locked

So, you may have to time the blocking appropriately, if you are to use this method.

Unlinking

We’re assuming here that the users will sign out of all Office Apps as well, like Word etc, and will be creating a new Outlook Profile.  Ideally both of those things should happen first.

  1.  Open Word and go to File \ Accounts and Sign Out
  2. Go to Windows Account Settings (Windows Key + I) \ Accounts \ Access work or school find your username and Disconnect
  3. There may be other Credential type clean-up activities

Unlinking ODfB is as easy as accessing the settings from the task bar.  Right click, More, Settings

Once a user has successfully unlinked their account, their normally BLUE OneDrive folders remain and become normal YELLOW Windows Folders.

LOGOFF

REBOOT Recommended

This is important if the user is taking over the same UPN otherwise the cached credentials from the previous log on and some other Registry information are attempted to be used. 

There was a problem connecting to OneDrive (Error Code: 0x8004de40)

Often it does not go well, and *CAN* you get into a kind of hybrid messed up state that is hard to recover from for the users because they can’t actually get logged on with those creds, and now they can’t unlink again.

This can require and uninstall and reinstall.

Re-Linking OneDrive for Business

Literally after rebooting the user should just be able to start OneDrive for Business in the normal way.

If they had a Personal OneDrive connected, then simply typing “OneDrive” from the start button will just take them to the personal area.  In this case the users might need to right click the white personal OneDrive icon on the task bar, go to settings and add account to activate OneDrive for Business.

After unlinking and relinking

Jane Smith was previously logged into Blanco Nero organisation, and is migrated to Zwarte Witte.

Now you can see the new folder structure and the new organisation name in the Blue Folder for the migrated user “Jane Smith”.

On the cutover weekend her Mailbox and ODfB files were migrated to Zwarte Witte.  On Monday morning she logged in, unlinked her OneDrive, rebooted and logged in with here jane.smith@blanconero.co.uk credentials.

Obviously the downside here is the remaining Yellow Folders from the previous Source tenant.

Users need to be sure to work in the NEW files and folders, not the old ones.

Ideally you really want to steer the users away from “dragging and dropping” “cut or copy / paste” these files into their migrated OneDrive, as that might literally double the size.

Right now though, that has to be delta with by comms.

Root Folder Name

You will probably know by now, or note that the bit after the OneDrive – is in fact your tenant Organisation name:

Organisation Name

Interestingly a cheeky little fudge is that you can set the target tenant Organization Name to the identical one from the Source – assuming that is even possible.  When you do this, and end users unlink and relink their ODfB client, then the folder data is merged.

Path of Least Resistance

Assign users new UPNs

Interestingly the path of least resistance and least chance of unexpected / unwanted behaviour is having your users assigned a brand-new identity (UPN) with a new password and the organisation name being completely different from the last.

Why?  Because then there is categorically no way of confusing legacy identity and data from new data.  The Workstation and cached credentials don’t get in a pickle trying to connect to the legacy tenant with legacy credentials.  A new folder in Explorer is presented and the reconfiguration that the end user has to do is clear and straight forward and easily documented.

Potential Automation Options

You can delete the reg key “Business1”
under Computer\HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\

This has worked successfully on the few workstations where this has been tested.  However this solution has had very limited testing, and we would strongly urge thorough testing before attempting to roll this out wide scale.

A logon script to run attrib.exe, kill OneDrive process, purge these registry keys  entries and then rename folder to the new tenant organisation name on cutover so that the directories merge could be possible.

Attrib.exe

Set all files and folders to Clear Space (online)

Attrib.exe

You can run the attrib command can set them all to either local or online.

Attrib.exe enables two core scenarios.

“attrib -U +P /S”

Makes a set of files or folders always available and

“attrib +U -P /S”

Makes a set of files or folders online only

  • /S  Processes matching files in the current folder and all subfolder
  • /D  Processes folders as well
  • /L  Work on the attributes of the Symbolic Link versus the target of the Symbolic Link

e.g. to set my whole OneDrive to NOT be on my local machine I can run

PS C:\Users\[myusername]\OneDrive - Nero Blanco IT Ltd> attrib.exe *.* +U -P /S /D /L

Conrad Murray

Conrad Murray has been working in IT for over 15 years specializing in the Messaging Arena and in particular IBM Domino and Microsoft Exchange and now of course Office 365. Working with like minded colleagues now specializing in very large scale complex migrations from Lotus Notes and On-Premise Microsoft Exchange to Office 365.

Leave a Reply

Your email address will not be published. Required fields are marked *

Search