MSEndpointMgr

Easy automapping “Office 365 Groups” drives with OneDrive

In this article, I will cover the bases on how I currently recommend moving classic department drives, from file shares to SharePoint Online in Office 365 using OneDrive’s sync functionality. Finally, I will unveil a login script that I have created, which will automatically sync all available Office 365 Group Drives for a user. Giving them easy access to files that live in SharePoint Online / Teams / Office 365 Groups / Unified Groups (Dear lord, please help people find this on google!).

UPDATE (July 2019): I have fixed some issues with the original script, which is still available. But you should consider using the new version located in my personal GitHub repository

N.B.: This is not a script that creates a drive letter, like the OneDriveMapper by Jos Lieben. Instead, this script saves you the hassle of having the user go click on the “sync” button on each document library in Sharepoint Online. But if you REALLY need a bloody drive letter, go oldsk00l with the SUBST command – that puppy still does some neat tricks!

The Preface

GDPR has forced many companies to reconsider what to do with their aging file shares – some choose to go with Office 365 as their new storage space for company files. And this will often lead them to use either SharePoint Online Sites with Document Libraries or the more modern Office 365 Groups. Which are, in essence, just SharePoint Document Libraries with added superpowers (yes, Microsoft Teams also uses these services for file storage).

The way forward

Because of the challenges with traditional file shares, and the overhead of classic SharePoint administration, I most often recommend using “Office 365 Groups” as a replacement for most types of file shares. And preferably bringing them to life through Microsoft Teams, as this gives them most functionality Exchange Online, so you won’t be crying later when you need that added functionality, like Teams integration. You can easily create a Team from an Office 365 group that you provisioned through Exchange Online, the other way around, though, requires some PowerShell magic.

A bonus of using Office 365 Groups is that their functionality is available from a variety of devices. And you might already have department groups just ripe for conversion to Office 365 Groups! Which will consolidate the work area for many types of departments – making things simpler, once users are on-boarded correctly to this new way of working (But that’s a whole other article waiting to happen!).

The BEST thing about using Office 365 Groups for your department files, is that I have created a script that will get your users on-board with the new religion – a lot quicker!

OneDrive sync, Powershell and the Microsoft Graph API to the Rescue

Graph API

Having looked high and low, I have not been able to find anyone who had even come close to fully Automating the mapping of Group Files in the OneDrive Client – So I took it upon myself to get to know the Graph API a little better.

The script that you are about to read has not been tested thoroughly, and is only able to map Unified Groups at the moment, though changes are relatively easy to make.

A great deal of work has gone into making the script modular and readable – and self-explaining enough for most scripters to play with it.

You will need to create an App Registration in Azure AD for the script to work, so you should be familiar with that. If not, the official docs explain it here. But we also show how to do this in another blog article.

There is a config section at the beginning of the PowerShell script, which should be the only place you need to mess around.

    #Required credentials - Get the client_id and client_secret from the app when creating it i Azure AD
    $client_id = "84567bce-ff05-4g6f-a98b-fff8a94d4dcf" #App ID
    $client_secret = "NShaTlgyiugliuygCvY+4IAHhjxNBnMUVFCCaSl5Q=" #API Access Key Password

    #tenant_id can be read from the azure portal of your tenant (check the properties blade on your azure active directory)
    $tenant_id = "8688f3f8-gg73-gggg-886b-f9a659b02231" #Directory ID

    #Set to $true to delete leftover folders from previous syncs (if false, nothing wil be synced if the destination folder already exists)
    $CleanupLeftovers = $true

    #Seconds to wait between each mount - not having a delay can cause OneDrive to barf when adding multiple sync folders at once. (default: 3 sec)
    $waitSec = 3

    #Special params for some advanced modification
    $global:graphApiVersion = "v1.0" #should be "v1.0"
    $documentsName = "Documents" #If you have a non English tenant, then you might need to rename this your own language (default: Documents)

Once done, execute the script as your user, and you should see it mapping up groups in your OneDrive client! That is, if you have configured the newest OneDrive client (AT LEAST v18+), and are running Windows 10 1709 as a minimum. Oh! And you might also want to create some Office 365 groups if you don’t have any.

Pay special attention to the permission required for the Azure App Registration (Files.Read.All, Group.Read.All, Directory.Read.All, and Sites.Read.All); they are quite a lot, so SECURE that script and the client secret!

Now get to the chopper!

AutoMapUnifiedGroupDrives.ps1 on GitHub (legacy version!)

Final Thoughts

Though not perfect, this script will (when running in the user’s context) tell Onedrive’s sync function to map all Office 365 Groups that have been made available to the user (Either owner or member).

Just for the sake of learning, I also created a Windows Store App that can let the users do the sync more securely, and it’s free!

A cleanup function would be nice for groups that have been left, but I wanted to leave something for others, so I hope to see some PULL requests on GitHub!

Although Microsoft announced, “Auto Mapping for Microsoft Teams Files” in Q4 2018, I am sure this script still has some use – at least for people wanting to get busy with the Graph API in the simplest way possible through Powershell.
Also, this is fully automatic. Microsoft’s solution is not!

To learn more about the Graph API, visit:
https://developer.microsoft.com/en-us/graph

Thanks for reading!

As always, I hope you enjoyed the article and leave some positive feedback (It helps to motivate me to do more articles on Microsoft Cloud solutions and Powershell scripting).

Let me know your thoughts by following/tweeting at me on Twitter @michael_mardahl

Michael Mardahl

Michael Mardahl is a seasoned IT pro with over 25 years of experience under his belt. He's a Microsoft Certified Cloud Architect at APENTO in Denmark, where he helps customers move from traditional infrastructure to the cloud while keeping security top of mind. When he's not working, Michael's either spending time with his family and friends or passionately blogging about Microsoft cloud technology. His expertise in this area has even earned him the prestigious title of Microsoft Most Valuable Professional (MVP) in both the Enterprise Mobility and Security categories. In short, Michael is the IT equivalent of a rockstar, but don't expect him to act like one - he's way too down-to-earth for that.

Add comment

Sponsors