Intune: Silently sign in users to the OneDrive sync app

Published on: May 10, 2024 | Reading Time: 2 min | Last Modified : May 10, 2024


In this article we will review the steps on how to silently log-in users to OneDrive from their windows device.


  • Intune Subscription in the Tenant
  • User should have Intune license assigned
  • Windows device (Windows 10 Windows 8.1 Windows 7 Windows Server 2019 Windows server 2016 Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2)
  • Azure AD or Hybrid Azure AD join device


  • In Intune Portal, Go to Devices > Windows > Configuration profiles > Create profile. From there select Windows 10 and Settings Catalog > Click Create

  • Name Your Profile

  • Click Next. Click Add Setting

  • Search for One drive and select two policies given in the screenshots

  • “Silently sign in users to the OneDrive sync app with their Windows credentials”

  • “Silently move Windows known folders to OneDrive”

  • Enable both settings it from the side toggle bar

More details on First policy:

This setting silently sign in the users to the OneDrive sync app (OneDrive.exe) with their Windows credentials.

If you enable this setting, users who are signed in on the PC with the primary Windows account (the account used to join the PC to the domain) can set up the sync app without entering the credentials for the account.

More details on Second policy:

This setting lets you redirect known folders such as, Desktop, Documents, Pictures to OneDrive without any user interaction. In sync client builds below 18.171.0823.0001, this setting only redirects known folders to OneDrive (or known folders already redirected to a different OneDrive account

For this policy you have secondary option I.e., Show Notification to users after folders have been redirected (device)

If Customer want their user to receive notification when folders are being redirected select Yes, otherwise, No

  • For Tenant ID, Go to > Azure Active Directory > Properties

  • Copy the Tenant ID from here and paste in the second field in Intune portal

Now, assign the policy to the targeted Device group. Only device should be included in the group not users.

  • Sync the device, verify the status of policy, success or failure.
  • Restart the device, observe the changes. If taking long time (more than 3-4 minutes) advice cx to wait and let you know via email.