Posted on by SCCMOG

Deploying the OneDrive Client with SCCM MDT PowerShell

So a week or two ago I was asked by my Client to deploy the new OneDrive Sync Client. This after a little research I discovered was not quite as easy as I had first thought.

There are 2 ways to deploy the OneDrive Sync Client:

  • Personal – User logs in with their own credentials not linked to the  organisation.
  • Business – Pass though is enabled in the background and a Azure tenant ID must be linked to the OneDrive Client.

So the deployment for the personal Client is pretty Simple.. Download the latest OneDrive client from here. Then create the new application in SCCM or MDT using  “OneDrive.exe /Silent” as the install CMD line and “/uninstall” CMD line for… you guessed it, uninstall. Now this is a must “Install for User” deployment setting as this application is installed to the local APPDATA of the users account. The only slightly challenging thing, if you are not used to it that is, is to use a PowerShell script as a detection method for a ConfigMgr application. This is done due to ConfigMgr not being able to detect the local APPDATA of the user due to all installs being carried out by Software Center being driven by the System account of the machine.

if( ( Test-Path "$env:LOCALAPPDATA\Microsoft\Onedrive\OneDrive.exe" ) -and ( test-path "HKCU:\SOFTWARE\Microsoft\OneDrive\17.3.6390.0509" ) )
{
Write-Host "installed"
}
else
{
}

So… Simple script, tests the local APPDATA of the user that is logged in for the Exe and then also checks the HKCU (HKEY_CURRENT_USER). If it finds it it shouts out to ConfigMgr and ConfigMgr then considers that application installed. If not it says nothing and ConfigMgr will report the application not detect the application after install (Appenforce.log/Appdiscovery.log). Remember to update the version number to the current OneDrive version that you are installing.

So now we have the detection method lets talk about the script.

This deployment script took me a little time to work out as there are many steps that had to be done to ensure that the client installed and launched in the correct way as documented by Microsoft here. For those of you who kept on reading and didn’t read the documentation well, I will explain quickly how it works.

Firstly there must be a registry value  which consists of your azure tenant ID under the key:

  • HKU:\*****userSID****\SOFTWARE\Microsoft\OneDrive\Accounts\Business1

The Registry String Value is:

  • ConfiguredTenantID

And the Property of that string is your azure tenant id e.g:

  • 12345678-1234-1234-1234-123456789012

This is because when you launch the OneDrive.exe with the CMD line:

  • OneDrive.exe /configure_business:12345678-1234-1234-1234-123456789012

OneDrive knows to go off and check in that location in the registry in order to match it and kick off as OneDrive for Business instead of personal. This allows for pass-through and all the other goodies to be taken advantage of also. The only issue is that the simple installation is still the way it is installed, you then must launch OneDrive as the user to allow for the key to be checked and correct authentication to happen.

Note – OneDrive does not like being launched with Administrator rights.

Wait! I hear you shout… How do I then launch it as the user if ConfigMgr has installed it, the silent install just completes quietly in the background!?

Well this is where my simple but effective script comes in. It will figure out the logged on user and their domain and launch the application as them, this will however require them to pop in a password to authenticate and don’t worry.. I launch a warning before that happens to make sure they don’t freak out and click Cancel! So heres the script…

####Deploy OneDrive Script - SCCMOG######################################################################################
####03/06/2016####################################################################################################################

##Variables
$TenantID = "xxxxxxxx-xxxx-xxxx-xxxxx-xxxxxxxxxxxx"

##Windows 10 removal
If ((Get-WmiObject -Class Win32_OperatingSystem).caption -like '*Windows 10*') 
{
Start-Process "$env:windir\SysWow64\OneDriveSetup.exe" -ArgumentList "/uninstall" -Wait -NoNewWindow
}

#Get User Logged on SID - Domain Account
$objUser = New-Object System.Security.Principal.NTAccount($env:USERDOMAIN, $env:username)
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.Value

#Get User Logged on SID - LOCAL
#$objUser = New-Object System.Security.Principal.NTAccount($env:username)
#$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
#$strSID.Value

#Load HKEY_Users Hive
New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS

#Create OneDr
New-Item -Path HKU:\$strSID\SOFTWARE\Microsoft -Name OneDrive –Force
New-Item -Path HKU:\$strSID\SOFTWARE\Microsoft\OneDrive -Name Accounts –Force
New-Item -Path HKU:\$strSID\SOFTWARE\Microsoft\OneDrive\Accounts -Name Business1 –Force

$OneDriveID = "HKU:\$strSID\SOFTWARE\Microsoft\OneDrive\Accounts\Business1"

#Configure Tenant ID
Set-ItemProperty -Path $OneDriveID -Name ConfiguredTenantID -Value $TenantID -Force

#Unmount HKU
Remove-PSDrive -Name HKU

## Install OneDrive
If ((Get-WmiObject -Class Win32_OperatingSystem).caption -like '*Windows 7*')
{
Start-Process "$PSScriptRoot\OneDriveSetup.exe" -ArgumentList "/silent" -Wait -NoNewWindow
}
If ((Get-WmiObject -Class Win32_OperatingSystem).caption -like '*Windows 8*')
{
Start-Process "$PSScriptRoot\OneDriveSetup.exe" -ArgumentList "/silent" -Wait -NoNewWindow
}
If ((Get-WmiObject -Class Win32_OperatingSystem).caption -like '*Windows 10*') 
{
Start-Process "$PSScriptRoot\OneDriveSetup.exe" -ArgumentList "/silent" -Wait -NoNewWindow
}

##Start OneDrive With TenantID and User Credentials, Prompt for User understanding.
$OneDriveInstalled = "$env:LOCALAPPDATA\Microsoft\Onedrive\OneDrive.exe"

If (Test-Path $OneDriveInstalled)
{
Add-Type -AssemblyName System.Windows.Forms | Out-Null
[System.Windows.Forms.MessageBox]::Show("OneDrive for Business has been Successfully installed. Please enter your credentials into the next window to continue.", "SCCMOG - OneDrive",
[System.Windows.Forms.MessageBoxButtons]::OK,
[System.Windows.Forms.MessageBoxIcon]::Warning)
Start-Process "$OneDriveInstalled" -ArgumentList "/Configure_business:$TenantID" -credential "SCCMOG\$env:username"
}
Else
{
[System.Windows.Forms.MessageBox]::Show("OneDrive for Business has failed to install. Please contact the SCCMOG Service Desk on: 555-555-555.", "SCCMOG - OneDrive Failed",
[System.Windows.Forms.MessageBoxButtons]::OK,
[System.Windows.Forms.MessageBoxIcon]::Warning)
}

###The End :-)
#######################################################################################################################################

Leave a Reply

Your email address will not be published. Required fields are marked *

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.