MSEndpointMgr

Deploy OneDrive Next Generation sync client with ConfigMgr

For businesses and organizations that have taken the path to cloud with Office 365, have most likely heard about the OneDrive for Business sync client. It’s unfortunately well known that this client had it’s drawbacks and Microsoft have been aware of this for some time now. A while back, the released what’s referred to as the OneDrive Next Generation sync client. It offered a lot of improvements, but was it demanded custom installations wrappers to deal with various command and registry keys. Yesterday, Microsoft released a new version of the OneDrive Next Generation sync client (17.3.6390.0509) with improvements to the deployment experience for administrators. The OneDrive Next Generation sync client offers end users to add both personal accounts and work accounts, all in the same sync client.
Microsoft has provided a short guide for how this new version can be deployed with ConfigMgr, however the method they’ve shared for the script detection method is not something that I’d recommend to my customers. It has a few flaws, for instance it doesn’t check the version of OneDrive.exe in addition to that it doesn’t determine the correct user profile path. This got me writing this post, so that administrators out there can be successful in their OneDrive Next Generation sync client deployments with ConfigMgr.

Download the OneDrive Next Generation sync client

The OneDrive Next Generation sync client can be downloaded from the following site:
https://onedrive.live.com/about/en-us/download/

Script Detection Method

Below is my take on how the script detection method used for the OneDrive Next Generation sync client should look like. This script gets the current logged on user and determines the profile path by matching the user name with the SID information in the UserProfileList registry keys. When the correct user profile path has been determined, it then validates the if the OneDrive.exe exists and is of the specified version. Remember, the script detection method should only output to the STDOUT (done by returning data to the pipeline in PowerShell) if the OneDrive.exe file exists. When the detection method is invoked prior to installing the application, if the OneDrive.exe file doesn’t exist it shouldn’t output anything which is interpreted by ConfigMgr as Not Installed.
Remember to define the minimum required version in the script from below, that you want to support. On a side note, the script below gets the logged on user name from the Win32_ComputerSystem class. The UserName property is only populated with a value if the user is logged on locally (console). When a user is logged on through RDP, the UserName property will be empty. That’s something to keep in mind.

# Set ErrorActionPreference
$ErrorActionPreference = "SilentlyContinue"
# Determine current logged on user
$UserName = Get-WmiObject -Class Win32_ComputerSystem | Select-Object -ExpandProperty UserName
# Create a hash-table for each UserProfileList with translated SIDs
$ProfileTable = @{}
$UserProfileListItems = Get-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\*"
foreach ($UserProfileListItem in $UserProfileListItems) {
    $SecurityIdentifier = New-Object -TypeName System.Security.Principal.SecurityIdentifier($UserProfileListItem.PSChildName)
    $UserNameTranslated = $SecurityIdentifier.Translate([System.Security.Principal.NTAccount])
    if ($UserNameTranslated -ne $null) {
        $ProfileTable.Add($UserNameTranslated.Value, $UserProfileListItem.ProfileImagePath)
    }
}
# Determine user profile path from current logged on user
$UserProfilePath = $ProfileTable[$UserName]
# Construct OneDrive.exe path
$OneDrivePath = Join-Path -Path $UserProfilePath -ChildPath "\AppData\Local\Microsoft\OneDrive\OneDrive.exe"
# Validate OneDrive.exe file exists and check version
if (Test-Path -LiteralPath $OneDrivePath) {
    # Load required assembly to perform version check
    [System.Reflection.Assembly]::LoadWithPartialName("System.Version")
    # Set minimum required version
    $OneDriveRequiredVersion = New-Object -TypeName System.Version -ArgumentList "17.3.6390.0509"
    # Get existing OneDrive.exe version
    $CurrentOneDriveVersion = New-Object -TypeName System.Version -ArgumentList ((Get-Item -LiteralPath $OneDrivePath).VersionInfo | Select-Object -ExpandProperty FileVersion)
    # Return output to STDOUT if current OneDrive.exe version is higher than the minimum required version
    switch ($CurrentOneDriveVersion.CompareTo($OneDriveRequiredVersion)) {
        0 { return $true }
        1 { return $true }
    }
}

Create an Application in ConfigMgr

Even though the Microsoft official blog included a walk-through of how to create an Application in ConfigMgr for the OneDrive Next Generation sync client, I’ll add it as well just to point out how to leverage my improved script detection method.
1. Download the installation for OneDrive Next Generation sync client and store it in the Content Library.
200_1
2. In the ConfigMgr console, select to create a new Application.
3. Select Manually specify the application information and click Next.
200_2
4. Enter the application details and click Next.
200_3
5. Enter the Application Catalog details and click Next (dont forget the icon!).
200_4
6. On the Deployment Types page, click Add.
200_5
7. Select Script Installer as Type and click Next.
200_6
8. Enter the name for the Deployment Type and click Next.
200_7
9. Enter the content location and configure the Installation program text field to contain “OneDriveSetup.exe” /Silent. Click Next.
200_8
10. On the Detection Method page, select Use a custom script to detect the presence of this deployment type and click Edit. Note, this is important and you’ll need to do this in order to successfully deploy the OneDrive Next Generation sync client.
200_9
11. Select PowerShell as the Script type and copy the script detection method from earlier in this post into the Script contents field. Click OK.
200_10_2
12. Verify that the Script type and Script length fields have been updated and click Next.
200_11_2
13. On the User Experience page, select Install for system as for Installation behavior and make sure to select Only when a user is logged on as the Logon requirement. It’s important that you configure the proper Logon requirement, otherwise the script detection method won’t work. Click Next.
200_12
14. On the Requirements and Dependencies pages, configure any desired requirements and dependencies if necessary in your environment and click Next.
15. On the Summary page, click Next.
200_13
16. Click Close on the Completion page.
17. Back at the Deployment Types page, click Next.
200_14
18. On the Summary page, click Next.
19. And finally on the Completion page, click Close.
Distribute the Application to your Distribution Points and deploy it to a collection of your choice.

End user experience in Software Center

Below is a screenshot from my lab environment where I’m logged on locally, and the OneDrive Next Generation sync client have been installed successfully.
200_16

(18943)

Nickolaj Andersen

Chief Technical Architect and Enterprise Mobility MVP since 2016. Nickolaj has been in the IT industry for the past 10 years specializing in Enterprise Mobility and Security, Windows devices and deployments including automation. Awarded as PowerShell Hero in 2015 by the community for his script and tools contributions. Creator of ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService to name a few. Frequent speaker at conferences such as Microsoft Ignite, NIC Conference and IT/Dev Connections including nordic user groups.

28 comments

  • I took a slightly different approach based off the script. Basically it eliminates some of the code to make it detect the current user and parses that to generate the OneDrive.exe location. This will also work for RDP sessions if required (persistent VDI). I also included the commented out section for my apps guys if they wanted to select the absolute version for whatever reason.
    # Update this to file version your detecting
    $Version = ‘18.131.701.2’
    # Set ErrorActionPreference
    $ErrorActionPreference = “SilentlyContinue”
    # Construct OneDrive.exe path for logged in user
    $OneDrivePath = “$env:SystemDrive\users\” + $env:username +”\appdata\local\microsoft\onedrive\onedrive.exe”
    # Validate OneDrive.exe file exists and check version
    if (Test-Path -LiteralPath $OneDrivePath){
    # Load required assembly to perform version check
    [System.Reflection.Assembly]::LoadWithPartialName(“System.Version”)
    # Set minimum required version
    $OneDriveRequiredVersion = New-Object -TypeName System.Version -ArgumentList “$Version”
    # Get existing OneDrive.exe version
    $CurrentOneDriveVersion = New-Object -TypeName System.Version -ArgumentList ((Get-Item -LiteralPath $OneDrivePath).VersionInfo | Select-Object -ExpandProperty FileVersion)
    # Return output to STDOUT if current OneDrive.exe version matches version
    # Remove “” from below and add this to the below “#Return Output if current version higher…”
    # if you want to detect a base version of Onedrive
    # Return output to STDOUT if current OneDrive.exe version is higher than the minimum required version
    switch ($CurrentOneDriveVersion.CompareTo($OneDriveRequiredVersion)) {
    0 { Return $true }
    1 { Return $true }
    }
    }

  • Hi – I am experiencing a different issue with this deployment. For me it shows up in the software center – when I try to install it fails – when I try second time it is successful. The exit code for both tries are 0. Don’t understand why it fails on the first GO.
    The error in the software center is 87D00324 x 2016410844. In the AppEnforce Log it says Waiting for process 2648 to finish – Process 2648 terminated with exit code 0.

  • why are these both true?
            0 { return $true }
            1 { return $true }
    Should one be false?

      • OK, I get it. It’s weird but it works.
        SCCM’s behavior is that if it gets any value returned AT ALL it thinks the script is “true”. The script will only allow onedrive to install if nothing is returned at all and the way this script works is that if your already installed version of onedrive is less than the version defined in the script nothing is returned, allowing SCCM to install onedrive. If your installed version of onedrive is equal or greater than the version installed then a value, either 0 or 1, is returned which tells SCCM to NOT install onedrive.
        The key here is the script will only output a value to STDOUT (either 0 or 1, it actually doesn’t matter) if the version already installed is higher to or equal to the required version.
        It’s kind of mind-bending for me (i’m not a coder) but it looks like “switch” is used ensure a STDOUT return value of $true only if the CompareTo function sees that the installed version is less than the required version. CompareTo returns 3 values it seems, -1, 0 and 1. As long as it returns 0 (equal) or 1 (greater than) then the already installed version is high enough and switch ensures a $true is returned to STDOUT and SCCM skips the install. If the CompareTo comes back with a -1 (installed version is less than the required version) then no value is returned to STDOUT via switch and SCCM continues on with the install.

  • An example to my post above for anyone else concerned:
    Else {$CurrentOneDriveVersion = New-Object -TypeName System.Version -ArgumentList “0.0.0.0”
    switch ($CurrentOneDriveVersion.CompareTo($OneDriveRequiredVersion)) {
    -1 { return $false }
    }
    }

  • Hi Nikolaj,
    I Agree with everyone here, brilliant script to take into account upgrade scenarios. One little suggestion though…
    In the event that OneDrive is uninstalled (for whatever reason) the “Application Deployment & Evaluation Cycle” in SCCM will not be able to detect the $CurrentOneDriveVersion variable because of the “If (Test-Path)” line…
    You might need an “Else” statement to handle scenarios where the “If (Test-Path)” fails to detect onedrive.exe (3 lines above) and then sets the $CurrentOneDriveVersion variable to
    Major: 0
    Minor: 0
    Build: 0
    Rev: 0
    You might want to return a $false in this scenario too? (if $false -eq to Not Insalled)

    • Hi James,
      On my side, the xcopy does not work. OnedriveSetup.exe is protected by “TrustedInstaller”.
      Did you take ownership and modified the security before overwritting the file?
      Thanks!
      Best Regards,
      Fabian

  • My work around was this, since the above script did not work and I had to finish the images before our school year started. Download the latest Onedrive client. Create a package pointing to the folder with that client. Then I added a Run Command Line step in my Task Sequence which just copies the new version of the Onedrive client to the C:\Windows\syswow64 folder. I also selected the package I created below the command line.
    I did this because every time a new user logs in, Windows 10 runs that onedrive.exe file. So it updates and runs for the first time.
    Run Command looks like this:
    xcopy “.\*.*” “C:\Windows\SysWOW64” /D /E /C /I /Q /H /R /Y /S

    • Hi James,
      Thanks for the info.
      Please share the code for this work around.
      Thanks

  • Hi!
    Love the process and your page.
    I’m having trouble with this script though. It works fine for upgrading pcs that already have previous versions of OneDrive, but it doesn’t install when no OneDrive exists at all on the pc.
    Any clues for the clueless? 🙂

  • Hi,
    nice script!
    – If you get “The application was not detected after installation complete” try with: user experience – “Allow users to view and interact with program installation”

  • Hello Nickolaj ,
    I was deploying “OneDrive Next Generation” with this detección method on a collection of around 300 conputers.
    And 47 conputers showed the next error
    “The application was not detected after installation complete”
    Do you have any reference about this error means??
    Tanks you

    • I’m having the same issue… getting a “The application was not detected after installation complete” error.
      Any ideas?

  • […] Hi, I have been trying to get Onedrive NG to deploy with SCCM. Since it only likes to install per user i have it set to deploy to the specific computer collection after the image. When it attempts to install i get a "Past due-will be installed" message next to the application in Software Center. When I Retry the install it completes. How, if you are, deploying Onedrive NG with SCCM 2012? I used this page as a reference to get the Application built: Deploy OneDrive Next Generation sync client with ConfigMgr | System Center ConfigMgr […]

  • Great article Nickolaj! I followed instructions and everything works except that OneDrive is not installing when the user log on. OD shows up on “Software Center” and status shows “Past Due – Will be installed” but the job never kicks in. However, I can manually start the installation via software center. Any help will be appreciated. I also checked appenforce.log and there seems to be no errors there.
    Jason

    • I get the same.
      Can manually hit the “Retry” and it runs correctly; however running a manual “Application Deployment Collection Cycle” refresh and it behaves the same way over and over.

    • I am also getting the “Past Due-Will be installed”. If I go into Software Center and run the install again manually it works.

      • I am getting the same problem as well, if I run the install manually from the Software Center it works. Did anybody find a fix for this?

  • Looks like there are a few coding issues in your script…
    *You return true for both cases in your switch statement.
    *And compareTo can return a -1 value if Current Version is less than required.

    • Hi Brian,
      No, this is by design. I don’t want to install a version that is older than what’s currently deployed.
      Regards,
      Nickolaj

  • Hello Peter,
    Great article. Do you know if we can control the installation of updates of the OneDrive client via SCCM (like Office365 client updates) ? Currently there is no control and whenever a new version is available, the client updates itself, which isn’t ideal in an enterprise environment.
    Thanks for your feedback.
    Iliass

  • Is there still no method of incorporating this into a machine image?
    We’re looking to use ODfB with folder redirection…but can’t if its a user based install that has to be run after a user is already logged in.

Sponsors