OneDrive guide for enterprises

  • Article
  • 37 minutes to read

With Microsoft OneDrive, yous can easily and securely store and access your files from all your devices. Yous can work with others regardless of whether they're inside or exterior your system and terminate that sharing whenever you lot want. OneDrive helps protect your piece of work through advanced encryption while the data is in transit and at remainder in information centers. OneDrive also helps ensure that users adhere to your almost rigorous compliance standards by enabling them to cull where their data lives and providing detailed reporting of how that data has changed and been accessed. OneDrive connects yous to your personal and shared files in Microsoft 365, enhancing collaboration capabilities within Microsoft 365 apps. With OneDrive on the web, desktop, or mobile, you can access all your personal files plus the files shared with yous from other people or teams, including files from Microsoft Teams and SharePoint.

Why deploy OneDrive?

OneDrive provides a robust but simple-to-apply cloud storage platform for modest businesses, enterprises, and everything in betwixt. Unlike other cloud storage providers, most of the avant-garde enterprise-focused features in OneDrive are available for every subscription type, enabling companies to use OneDrive in any way benefits their business the near – whether that's simply a cloud-based file share for a minor business or a highly utilized storage system that provides the footing for all collaboration inside an enterprise. At its core, however, OneDrive enables yous to securely share and piece of work together on all your files. With OneDrive, you tin can:

  • Access files from all your devices. Admission all your personal files and those files others share with you on all your devices, including mobile, Mac, and PC too as in a web browser.

  • Share within or outside your system. Securely share files with people inside or outside your system by using their electronic mail accost, even if they don't have a Microsoft Services Business relationship. This common sharing experience is available in the spider web, mobile, and desktop versions of OneDrive.

  • Collaborate with deep Microsoft Office integration. Document coauthoring is bachelor in Office for the spider web, Role mobile apps, and Office desktop apps, helping you maintain a single working version of any file. Only OneDrive provides coauthoring capabilities in Office apps across all your devices.

  • Quickly find files that matter most. Finding content in your OneDrive is simplified through the intelligence of the Microsoft Graph application programming interface. This technology simplifies finding what'southward important past providing file recommendations based on your relationship to other people, how y'all received diverse files, and when you last accessed them.

  • Protect your files with enterprise-form security. OneDrive has many security and compliance features, enabling you lot to see some of the strictest compliance requirements out there.

The Microsoft 365 family of products, which includes Office, Microsoft Outlook, SharePoint, Teams, OneDrive, and Yammer, provides a complete, intelligent, and secure solution to empower employees. Together, the Microsoft 365 applications unlock inventiveness and encourage teamwork through product integration and a simple user experience, all while providing intelligent security to help go on your data safe. In addition, Microsoft Graph enables you to collaborate with and report on the information within many of the Microsoft 365 applications.

Key OneDrive features

Unlike almost other cloud storage providers, OneDrive makes most of its avant-garde features available to all subscription types. This gives smaller organizations the flexibility to utilise standard features out of the box, and configure advanced features based on the needs of their organisation.

The features listed in this section address mutual client concerns or specific compliance requirements, or provide unique functionality available only in OneDrive:

  • Known Folder Motion

  • Files On-Demand

  • Modern attachments

  • Real-fourth dimension team collaboration: Coauthoring in full versions of Microsoft Discussion, Excel, and PowerPoint

  • Seamlessly connecting files to conversations

  • Files Restore

  • Recycle bin

  • Data loss prevention (DLP)

  • eDiscovery

  • Auditing and reporting

  • Encryption of data in transit and at rest

  • Customer-controlled encryption keys

  • Customer Lockbox

  • Hybrid integration with SharePoint Server

  • Multi-geo data residency

  • Government cloud

For a full list of feature availability across OneDrive plans, encounter Microsoft OneDrive. More in-depth descriptions for some of these features follow.

Known Folder Movement

Known Binder Move makes it easier to motion files in your users' Desktop, Documents, and Pictures folders to OneDrive. This lets users proceed working in the folders they're familiar with and access their files from whatsoever device. It also helps you make sure your users' files are backed upwards in the deject if anything happens to their device. For more info, see Redirect and move Windows known folders to OneDrive.

Files On-Need

OneDrive Files On-Demand enables users to view, search for, and collaborate with files stored in OneDrive from inside File Explorer without downloading them all to their device. The characteristic provides a seamless look and feel for both OneDrive and local files without taking up space on the local difficult drive. Files that accept non been downloaded have a cloud icon for their status, every bit shown below. For those files that accept been downloaded, the condition shows a green checkmark.

Screenshot of Windows Explorer showing some OneDrive on disk and some in the cloud

Natively, files will be downloaded merely when you need to admission them. All the same, if you program to access a file while disconnected from the internet, you can brand the file available offline by correct-clicking it, and then selecting Always keep on this device. Alternatively, if you want to free space on your device and remove the downloaded copy of a file, correct-click the file, and then select Gratuitous upwards space. The following image shows the correct-click carte for OneDrive files on a calculator running the Windows operating organisation.

Screenshot of the right-click menu in Windows Explorer showing options to keep the file on disk or in the cloud

For more info about OneDrive Files On-Demand, meet Learn well-nigh OneDrive Files On-Demand.

Mod attachments

OneDrive integrates with Outlook to allow seamless sharing of OneDrive files that appear simply like email attachments. This characteristic provides a familiar sharing experience only centralizes storage of attachments in OneDrive, providing collaborative benefits such as version control typically lost when users email documents dorsum and along. In add-on, you can configure sharing permissions on the files straight from within the Outlook app. For an case of a document in OneDrive being attached equally a link to an email, too as the experience of irresolute the sharing permissions on the link, see the following paradigm.

Screenshot of Outlook showing a modern attachment and the right-click menu with permissions options

To reduce the potential for defoliation when users choose to add together a copy versus a link to attached OneDrive files, you can set the default behavior of the Outlook app, equally demonstrated in How to command default attachment country when you attach a deject file in Outlook.

Files Restore

The OneDrive Files Restore characteristic enables users to restore files to any point over the by 30 days. To select the desired recovery fourth dimension, OneDrive presents users with a histogram that shows file action then that they can determine which recovered time meets their needs. From in that location, users tin can select the file history entry to which they want to restore, and all changes after that point will be rolled back. The post-obit paradigm shows the Files Restore experience for a user.

Screenshot of the Restore my OneDrive screen

In improver, because the histogram shows individual activity on a file, users can employ this characteristic to quickly view their files' modification history. For more than info near this feature, see Restore your OneDrive.

Recycle bin

OneDrive has a recycle bin like to the one available on the Windows desktop. Deleted files are moved to the recycle bin and kept for a designated time earlier being permanently deleted. For work or school accounts, deleted files are purged after 93 days unless configured otherwise. For a sit-in virtually how the recycle bin works, meet Restore deleted files or folders in OneDrive.

Auditing and reporting

OneDrive has detailed reporting and auditing capabilities for files information technology stores as well as for those files stored through other services that apply OneDrive for storage, such every bit Microsoft SharePoint. In add-on, you tin audit individual file deportment, including downloads, renames, and views.

The Microsoft 365 admin centre handles reporting for cloud services, including OneDrive. Yous can view historical information like storage usage by user and for the organisation, total file and active file counts, and account activity. The post-obit prototype shows an example of a OneDrive report for file usage over the by 30 days in the Microsoft 365 admin heart.

Note

To consign this info to a .csv file, select Export.

Screenshot of the 30-day file usage report

You can also eat this info in Power BI by using the Microsoft 365 usage analytics content pack. Using this content pack, you can visualize and analyze usage information by using prebuilt graphs and charts or by creating custom reports to gain insight into how specific regions or departments within your organisation are using Microsoft 365. For more info about this content pack, meet Microsoft 365 usage analytics.

Encryption of data in transit and at rest

OneDrive uses avant-garde data-encryption methods between your device and the information center, betwixt servers in the data centre, and at residuum. At rest, OneDrive uses disk encryption through BitLocker Drive Encryption and file encryption to secure your data. Each file is encrypted with its own encryption key; anything larger than 64 KB is split into individual chunks, each of which has its own encryption key locked in a central shop.

Each file chunk is so randomly distributed amidst Microsoft Azure Storage containers, and a construction map for the consummate file is stored in a split secure content database. For attackers to access the file, they would need all the file chunks, the keys, and the map—a highly improbable chore. For more info about this procedure, see Data Encryption in OneDrive and SharePoint.

Customer-controlled encryption keys

By using a Microsoft 365 characteristic called service encryption with Customer Fundamental, you can upload your own encryption keys to Azure Key Vault for use encrypting your data at residual in Azure information centers. Even though this encryption is done natively through BitLocker, customers tin can require the use of their own key to come across their security compliance requirements. Should users lose their primal, they tin remember a deleted key from the Recycle Bin for upwards to 90 days (based on your configuration). Before you can apply this feature, withal, you must create an Azure subscription and complete a few prerequisite steps. For detailed info about service encryption with Customer Key, and how to configure it in your environment, run into Decision-making your data in Microsoft 365 using Customer Key.

Customer Lockbox

If a Microsoft back up engineer needs to admission your data to resolve an issue, that engineer is required to obtain approving from a Microsoft managing director first. The Customer Lockbox characteristic adds a requirement to that process: you must corroborate or reject that access before the support engineer can access your information. With Customer Lockbox, you can as well fix boundaries on how long the engineer tin access your data, and all activity during that time is logged for auditing purposes. For more info most how to configure and use the Customer Lockbox feature, see Customer Lockbox in Office 365.

Microsoft Trust Center

Microsoft Trust Center provides info about Microsoft's trust policy, how Microsoft products assistance you protect your data and maintain your customers' and users' trust, and why you should trust Microsoft products with your information. The following two categories provide details about Microsoft 365 and OneDrive data privacy, compliance, and security:

  • Microsoft Trust Center. Privacy, compliance, and cybersecurity are equally important to Microsoft as they are to you. For info about how Microsoft 365 can help you increase employee productivity while helping you safeguard your data, see Microsoft 365 in the Microsoft Trust Center.

  • General Data Protection Regulation (GDPR). This new European Wedlock regulation changes how companies are required to handle information and the transparency with which they collect it. Windows 10 and Microsoft 365 with OneDrive requite you GDPR-compliant tools that you can integrate into your overall information integrity story. For answers to some common questions about GDPR compliance with OneDrive and SharePoint, encounter GDPR Compliancy with OneDrive and SharePoint. For a complete listing of helpful resource about GDPR, see Resources for GDPR compliance. For other helpful info about OneDrive, see the Microsoft OneDrive Web log.

Multi-Geo data residency

Multi-Geo is Microsoft 365 characteristic that allows organizations to bridge their storage over multiple geo locations and specify where to store users' data. For multinational customers with data residency requirements, you can use this feature to ensure that each user's data is stored in the geo location necessary for compliance. For more info near this feature, see Multi-Geo Capabilities in OneDrive and SharePoint.

Government cloud

OneDrive is bachelor in Office 365 U.S. Government plans. For info virtually these plans, see Role 365 U.S. Government.

Deployment and management options

Yous tin deploy and manage OneDrive in many ways, but certain options make more sense in larger organizations than in smaller businesses and vice versa. For case, information technology probable wouldn't brand sense to have an enterprise management solution like Microsoft Endpoint Configuration Manager for a concern that has only 10 employees. Table 1 outlines the deployment and management tools typically used for small businesses, medium-sized businesses, and enterprises.

Note

Keep in listen that an system in ane size category would probably incorporate boosted options from other size categories. This table is not intended to exclusively identify a engineering with a specific business size.

Size of organization Deployment tools used Management
Small business Local installation Microsoft 365 admin centre, SharePoint admin eye
Medium-sized business concern Scripted installation or Microsoft Intune mobile device direction (MDM) Function 365 with MDM, SharePoint admin center, PowerShell, Intune mobile application management (MAM) or MDM
Enterprise Microsoft Endpoint Configuration Managing director with Intune or Windows Autopilot Microsoft Endpoint Configuration Manger, Grouping Policy, PowerShell, and so on.

Depending on where your organization fits in this table and the technologies available to yous, you lot can choose which portion of this guide to use. For instance, if yous run a small business organisation, you lot may want to keep your OneDrive deployment simple past installing the sync app manually on your employees' computers and using the SharePoint admin centre to manage a few settings for your users. Alternatively, if you're running an enterprise, y'all may choose to deploy and manage OneDrive by using avant-garde tools similar Microsoft Endpoint Configuration Manager and Group Policy, and yous could use the sections that correspond to those tools, instead. To conform diverse situations, the deployment and management portions of this guide are in a modular format and then that yous can consume the document in the style that best aligns with your deployment needs and capabilities. This format besides provides visibility into alternate technologies to improve your current processes.

Prerequisites

  • System requirements. Even though you lot can upload, download, and interact with your OneDrive files from a spider web browser, the ideal OneDrive experience comes from the Windows and Mac sync apps and the iOS and Android mobile apps. With that in mind, OneDrive is available for almost operating systems and browsers and requires minimal hardware. For a total list of system requirements for using OneDrive, meet OneDrive organisation requirements.

  • License requirements. There are multiple methods past which you can learn a license for OneDrive. Notwithstanding, a few OneDrive features are bachelor only within certain licensing models. For info nearly the licensing requirements for OneDrive, its avant-garde features, and whatever special licensing required for them, come across Part 365 plans.

Deployment process

When deploying any new technology, there's ever an platonic process to follow to ensure that you deploy it correctly. This section covers the loftier-level planning and deployment steps to help ensure that your OneDrive deployment is successful.

Note

OneDrive deployment tin be as simple as a local installation and may not require all the steps in this department. For example, the "Determine devices" and "Align technologies" sections may not be applicable to small concern interested in performing a simple installation of OneDrive.

Decide devices

Your organization doesn't accept to manage all connected devices for them to employ OneDrive, merely securing and managing the interaction with the data do require a layer of management capabilities. Start by determining which types of devices—iOS, Android, Windows 10—require access to OneDrive and who owns them (the business organisation or the employee). Put this info in a spreadsheet to assist you lot decide which capabilities y'all need from your applied science solutions. Some management options are more than suitable for devices that the organisation owns and manages. Regardless of the platform running OneDrive and who owns it, the following direction options are available to y'all:

  • Microsoft 365 admin center and SharePoint admin center

  • Microsoft 365 MDM

  • Intune MDM or MAM

For Windows 10 devices that are joined to a domain, you have the additional option of using Grouping Policy for management. Likewise, for those devices that are endemic and managed by the organisation, you can utilise Microsoft Endpoint Configuration Manager to deploy OneDrive.

Align technologies

When you've identified the devices that require access to OneDrive, you lot and then identify the technology options available to you or that align with your organization'due south size. If you're considering implementing a new deployment and direction solution, the table in How organizations deploy and manage OneDrive lists the technologies that make the near sense based on organization size. Using this info, you can align the technologies you need or already have with the deployment and management capabilities that fit the devices you need to manage.

Deploy, secure, and manage OneDrive

Y'all deploy, manage, and secure OneDrive based on the tools yous chose in the previous steps. Each technology has different deployment, update, and management options, so when deploying OneDrive, y'all must first consider whether y'all demand to upgrade existing devices. Too, securing OneDrive may include both client-side and cloud service–side configuration. Lastly, be sure to consider data compliance requirements, such equally dedicated storage regions.

OneDrive limitations

Because OneDrive provides access to files on many kinds of devices, it restricts the use of certain characters, file names, and binder names. In addition, certain features are available only in the Windows operating organization. For a full listing of these and other limitations of OneDrive, encounter Invalid file names and file types in OneDrive and SharePoint.

Feature releases and requests

If you want to see the functionality currently under development for OneDrive and Microsoft 365, bank check out the Microsoft 365 Roadmap or the Microsoft OneDrive Blog.

Keys to successful user adoption

User adoption is important to the overall success of whatever new application. Ideally, to feel that yous have maximized your investment in Microsoft 365 and OneDrive, you demand to maximize user engagement with them. To practise that, start past focusing on iii critical success factors:

  • Stakeholders. Securing the participation and buy-in of key people inside your system is critical to successful user adoption. This support can come from business-focused leaders, It leadership, or anyone else who has a vested interest in seeing OneDrive and Microsoft 365 succeed in the organization. It is important to have both executive or business leader support and product champions to assist behave the cognition to their peers. Whether you lot're formally delegating the product champion part or assuasive it to abound organically, champions are mission critical to user adoption. In fact, a SharePoint user study in 2013 showed that people adopt to acquire from a coworker than from an IT employee. For more info well-nigh how to place central stakeholders for your OneDrive and Microsoft 365 implementation, see the Identify primal stakeholders guide. For more info nearly building a sustainable champion customs, meet Build a champion programme.

  • Scenarios. When planning to implement OneDrive and Microsoft 365, identify and ascertain your business scenarios and how those scenarios align with the benefits of implementing OneDrive and Microsoft 365. Work with your key stakeholders to identify the goals of the business scenarios, and and so match those goals against usage scenarios. For case, a business goal may exist to maximize user productivity; a cardinal usage scenario enabling that goal would exist using OneDrive to access files from mobile devices, PCs, and Macs. For aid with this process, run across the Productivity Library.

  • Awareness and preparation. Creating sensation through awareness campaigns such every bit announcements, launch events, newsletters, town hall meetings, contests, and giveaways is a disquisitional path to maximizing adoption. In addition, providing users with knowledge through classroom-manner sessions and self-help guides helps them feel empowered to utilise OneDrive and Office 365.

Many resources are available from Microsoft to assist you lot bulldoze user adoption within your environment. For more info most a recommended Microsoft 365 user adoption strategy, run across the Microsoft 365 Stop User Adoption Guide. For more info about driving user engagement, see Success Factors for Office 365 Finish User Date. Yous tin can also contribute to or comment on adoption-related ideas in the Driving Adoption Tech Community.

Preparing your environment

Earlier you deploy OneDrive, prepare your environment.

Network utilization

Various factors can impact the amount of network bandwidth used by OneDrive. For the best experience, we recommend that you assess this impact before doing a total OneDrive deployment beyond your organization. The commodity Network utilization planning for the OneDrive sync app includes the recommended process for determining your network bandwidth needs for OneDrive. Exist sure to include this as office of your deployment program.

Multi-Geo

If you accept data residency requirements, consider OneDrive Multi-Geo. With OneDrive Multi-Geo, y'all tin specify a preferred data location (PDL), from available locations effectually the world, for each user's OneDrive. For detailed info about OneDrive Multi-Geo, run across Multi-Geo Capabilities in OneDrive and SharePoint in Microsoft 365.

If you plan to deploy OneDrive Multi-Geo, there are 2 user scenarios:

  • Users who outset using OneDrive earlier you configure OneDrive Multi-Geo – their OneDrive will be located in the central location one time yous configure OneDrive Multi-Geo. If yous need to move a user's OneDrive to a different geo location, follow the steps in Move a OneDrive site to a different geo-location.

  • Users who start using OneDrive after y'all configure OneDrive Multi-Geo – you can configure their preferred information location as office of your general user onboarding procedure and their OneDrive will be created in the appropriate geo location.

Features such as file sync and mobile device management work normally in a multi-geo environment. There's no special configuration or direction needed. The multi-geo feel for your users has minimal divergence from a unmarried-geo configuration. For details, see User experience in a multi-geo environment.

If you programme to configure OneDrive Multi-Geo prior to deploying OneDrive for your users, meet Plan for OneDrive Multi-Geo, and follow the steps in OneDrive Multi-Geo tenant configuration.

Key decisions:

  • Do y'all plan to use OneDrive Multi-Geo?

  • Will yous take OneDrive Multi-Geo fully configured before your users start using OneDrive?

Hybrid

If y'all currently use OneDrive or MySites in SharePoint Server on-premises, we highly recommend deploying hybrid OneDrive. With hybrid OneDrive, users are redirected from their on-bounds OneDrive to OneDrive in Microsoft 365. Hybrid OneDrive allows for seamless navigation to OneDrive in the cloud from both SharePoint on-premises and Microsoft 365.

When y'all deploy hybrid OneDrive, the OneDrive links in the SharePoint Server ribbon and app launcher will bespeak to OneDrive in Microsoft 365. If your users accept files in on-bounds OneDrive, they may take trouble accessing them unless they've bookmarked the old URL. It's important to have a migration plan for these files before you lot deploy hybrid OneDrive. For migration options, see Migrating data later in this commodity.

If you don't use OneDrive in SharePoint Server, but you practise have an on-premises SharePoint surround, you may yet want to consider deploying hybrid OneDrive. Doing and then will update the OneDrive navigation links in SharePoint Server to point to OneDrive in Microsoft 365 – again, giving your users seamless navigation to OneDrive in the cloud from either location.

For more info nigh how to configure OneDrive in a hybrid scenario and how it works, see Plan hybrid OneDrive.

SharePoint hybrid has a multifariousness of features to create a seamless feel when using both SharePoint Server and SharePoint. If you're planning to configure hybrid OneDrive, consider including other SharePoint hybrid features for a amend overall user feel. For more info, see Explore SharePoint Server hybrid.

After yous've migrated your users' files from on-bounds OneDrive and configured hybrid OneDrive, to salve disk space, you can reduce the quota for your on-premises OneDrive acme-level site drove to a minimal value.

Primal decisions:

  • Practice you desire to deploy hybrid OneDrive?

  • Do your users have OneDrive on-bounds data that needs to be migrated to OneDrive in Microsoft 365?

Information protection

OneDrive shares can contain sensitive info that could impairment your system if information technology were shared with the wrong people. This section provides info about how to help prevent accidental data leakage and protect your data by controlling who tin can access it.

Information rights management–protected file synchronization

If you're using data rights management (IRM), OneDrive can synchronize those file libraries and provide a seamless experience for users. For detailed information about how OneDrive handles IRM, see How Office applications and services support Azure Rights Direction. For OneDrive to synchronize these IRM-protected libraries, all the same, additional configuration is required, including deploying the latest Rights Direction Services (RMS) customer to your users' computers. For details nigh the additional configuration required for OneDrive to back up IRM libraries, see SharePoint and OneDrive: IRM Configuration.

Windows Information Protection

You tin can utilize Windows Data Protection (WIP) to help forbid data leakage by deploying application or device policies that restrict how your employees can store, access, and use your organisation'south information. For example, yous can restrict users to synchronizing files that contain company data only to OneDrive and not to personal deject storage providers similar Dropbox. For info about how to utilise WIP, run across Protect your enterprise data using Windows Data Protection (WIP).

If you've decided to use Windows Information Protection with OneDrive, see the following resource to prepare up your Windows Data Protection policies:

  • Create a Windows Information Protection (WIP) policy using Microsoft Intune

  • Create a Windows Information Protection (WIP) policy using Configuration Managing director

Azure Information Protection

Azure Information Protection is a cloud-based solution that helps organizations classify, label, and protect their documents and emails. This classification can occur automatically when administrators define rules and atmospheric condition; manually by users; or both, where users receive recommendations. Users can synchronize Azure Information Protection–protected files to OneDrive later on y'all have configured their accounts to practice then.

For more than info about Azure Information Protection, see What is Azure Information Protection? You tin add together Azure Information Protection to your Role 365 subscription on the Subscriptions page of the Microsoft 365 admin center.

If you have decided to use Azure Data Protection, to configure the necessary settings for it to work with OneDrive, run across Function 365: Configuration for online services to use the Azure Rights Management service.

OneDrive integration with other Microsoft 365 features

OneDrive integrates with many other applications, such as SharePoint, Teams, and Yammer. With that integration comes the necessity to protect the information stored in OneDrive. When considering security, for example, think nearly potential leakage scenarios through each integrated awarding and apply WIP, IRM, Azure Information Protection, or another protection option to assistance prevent unauthorized access. For info about how these products integrate with each other to provide a better collaboration solution and how they can introduce additional vectors for data leakage, see How SharePoint and OneDrive interact with Microsoft Teams. Nosotros also recommend that you download the Microsoft Teams and related productivity services in Microsoft 365 for IT architects poster.

Sharing options

You can specify sharing options such as the default sharing type for users, with whom they tin share, and how long sharing links remain active.

These are the key decisions effectually sharing for OneDrive:

  • Do you lot want to permit external sharing? If you enable external sharing for OneDrive, your users will be able to share files and folders with people outside your organization.

  • If y'all allow external sharing, do you want to allow unauthenticated users? If you lot enable sharing with Anyone, users can create sharable links that don't require sign-in.

  • What practise you want the default sharing link to be? Users can cull which type of link to send (Anyone, People in your organization, or Specific people), simply you lot can choose the default option that is presented to users.

  • Exercise you want to restrict external sharing by domain? You can restrict external sharing to specific domains or prevent sharing with specific domains.

Notation that the OneDrive sharing settings are a subset of the SharePoint sharing settings. If you want to allow external sharing in OneDrive, it must be enabled for SharePoint. For more info, see File collaboration in SharePoint with Microsoft 365.

Data retention

When a user leaves your organization and you've deleted that user'due south account, what happens to the user's data? When because information retention compliance, determine what needs to happen with the deleted user'southward data. For some organizations, retaining deleted user data could exist of import continuity and preventing critical data loss. The default retentiveness policy for deleted OneDrive users is 30 days. Y'all can configure the setting to a range between 0 days and iii,650 days (x years).

For more info nigh OneDrive memory, encounter OneDrive retention and deletion and Learn about retentivity policies.

Cardinal decision:

  • What data retentiveness fourth dimension practice you need for your organization?

Migrating data

A key task in deploying OneDrive for your organization is a program to migrate your users existing files to OneDrive. Depending on where these files are kept, there are several options, discussed below. You can choose 1 or more of these options depending on the number and location of files that you need to migrate.

Another planning consideration is who will be migrating the information. Normally, a user'south OneDrive is created the first time they admission OneDrive. If you will be migrating your users' files on their behalf earlier they begin using OneDrive, you may need to pre-provision OneDrive for each of them. (This tin can exist done with a PowerShell script.)

Go on in heed that whatever of the migration options listed beneath may result in a surge of network activeness equally big numbers of files are migrated to OneDrive.

Cardinal decisions:

  • Which of the following migration methods practice you want to utilise?

  • Are you configuring hybrid OneDrive? (See the hybrid department of this article for the considerations around this option.)

  • Exercise y'all need to pre-provision OneDrive for your users? (Are yous migrating files before users have started using OneDrive?)

Files in on-bounds OneDrive or MySites libraries

If users' existing files are in on-premises SharePoint, OneDrive, or MySites, yous can apply the SharePoint Migration Tool to migrate the files to Microsoft 365. For info, run across Overview of the SharePoint Migration Tool (SPMT).

The SharePoint Migration Tool can be used past your Information technology section to migrate files for users. This is the recommended method of migration for files in an on-bounds SharePoint subcontract.

Files on users' local known folders

If user files are located in Windows known folders such as their Desktop, Documents, or Pictures folders, you can use Known Folder Movement to move and redirect these locations. You can enable this feature during the initial rollout of OneDrive or sometime later. For more info, meet Redirect and move Windows known folders to OneDrive.

Files in other local disk folders

If users take other work files in various locations on their computers, it's often easiest for them to manually move the files to OneDrive. After you lot deploy the OneDrive sync app to your users' computers, y'all can instruct them to motility their work files to the OneDrive binder on their computer.

Files in file shares or other cloud providers

You can use Migration Manager to migrate these files to OneDrive. Migrate files shares to Microsoft 365 with Migration Manager

Migrating with FastTrack

FastTrack is a Microsoft do good that is included in your subscription. FastTrack provides yous with a prepare of all-time practices, tools, resources, and experts committed to making your experience with the Microsoft Deject a slap-up 1! Guidance around OneDrive onboarding, migration, and adoption are included in the benefit offering. This guidance includes: help to discover what's possible, creating a program for success, and onboarding new users, providing guidance on migrating content from file share, Box, or Google Drive source environments, and introducing capabilities at a flexible stride, your footstep! FastTrack guidance provides enablement of both OneDrive and getting the source environment ready for your transition. In addition, the FastTrack data migration benefit will also perform specific data migration activities on behalf of you, the customer, for those with 500 or more licenses. For more details, see FastTrack Center Benefit Overview. Interested in getting started? Visit FastTrack.Microsoft.Com, review resources, and submit a Asking for Assistance.

Sync

Fifty-fifty though yous can upload, download, and interact with your OneDrive files from a web browser, the ideal OneDrive experience comes from the Windows and Mac sync apps and the iOS and Android mobile apps. OneDrive is bachelor for nearly operating systems and browsers and requires minimal hardware. For a full list of app requirements for using OneDrive, see OneDrive organization requirements.

If you already take the OneDrive sync app installed on Windows devices, commencement by determining the version or versions of OneDrive in your environs. Depending on your findings, you lot may need to alter your deployment process to accommodate the current version (for example, run takeover commands in PowerShell to ensure that information sync responsibilities transition to the new sync app). To determine which version of OneDrive you lot're using, encounter Which version of OneDrive am I using?

Sync app update process

Yous can select how soon your users receive updates we release for the sync app.

  • Insiders band - In this band, users get the commencement changes that are released to the public. We recommend selecting several people in your It department to join this ring.

  • Production ring – In this band, users get fixes and new features in a timely fashion. Nosotros recommend leaving everyone else in the organization in this ring.

  • Deferred ring – In this band, yous have more command over the deployment of updates, only users have to await longer to receive fixes and new features.

You configure this setting using the OneDrive policy Set the sync app update ring.

For details about the update procedure for the OneDrive sync app, see The OneDrive sync app update process.

To find out most new features available in electric current OneDrive updates every bit well as the current and historical version numbers, see New OneDrive sync app release notes.

Fundamental decision:

  • Which ring do you lot want to use for updates to the OneDrive sync app?

Configure settings

Afterward you lot have planned your rollout, configure any settings you need before y'all begin deploying apps to your users. For info nigh the "ideal state" configuration of the sync app, see Recommended sync app configuration.

  • Specify settings for sharing links and control external sharing: Manage sharing

  • To manage the sync app deployment centrally, prevent users from installing the sync app when they go to their OneDrive in a web browser: Preclude installation

  • To brand sure that users sync OneDrive files only on managed computers, configure OneDrive to sync only on PCs that are joined to specific domains: Let syncing only on specific domains

  • To prevent users from uploading specific file types, such as exe or mp3 files: Block file types

  • Gear up the default storage space for your users: Set the default storage space

  • Specify how long yous desire to retain a user's OneDrive files when the user is deleted: Set OneDrive retentivity for deleted users

  • To preclude users from accessing OneDrive and SharePoint content on devices exterior of specific domains, or from apps that don't apply modern hallmark: Command access based on network hallmark or app

  • To control user admission to features in the OneDrive and SharePoint mobile apps: Control access to mobile app features

Deployment options

You have several different options for deploying OneDrive: manually, using scripting, using Windows Autopilot (for the sync app on Windows), using an MDM such as Intune, or using Microsoft Endpoint Configuration Manager.

The OneDrive sync app is included as part of Windows 10 and Office 2016. You do non need to deploy the sync app to devices running these, though you may need to update the sync app to the latest version.

Install OneDrive apps and sync apps manually

Although installing OneDrive manually on each device isn't scalable, yous always have this option. For some devices, this process may be as unproblematic as installing an app. For others, y'all may need to delete older versions of OneDrive start. This section walks you through the manual installation and configuration of OneDrive on iOS and Android mobile devices, Windows devices, and computers running macOS.

Manually install and configure OneDrive on a mobile device

Installing the OneDrive app on a mobile device is elementary: users can download the app from the app store on any Android, iOS, or Windows mobile device. To simplify the manual installation process even farther, users can go to https://onedrive.live.com/most/download and enter the mobile phone number of their device. Microsoft will send a text bulletin to the mobile device with a link to the app in the device's app shop. Once installed, users can starting time the configuration process by opening the app and responding to the prompts.

Send your users the following links to set up OneDrive on their mobile devices:

  • Utilise OneDrive on iOS

  • Use OneDrive for Android

Manually install and configure OneDrive on a Windows device

Manually installing OneDrive on a Windows device may or may not exist necessary: many devices may already have information technology, either because the user installed Microsoft Office 2016 or simply considering the device runs Windows x, both of which include the OneDrive sync app by default. For devices running older versions of Windows or on which Office 2016 is not installed, you can download the new OneDrive sync app for Windows from https://onedrive.alive.com/virtually/download.

Annotation

You lot may exist required to uninstall an old version of the OneDrive sync app earlier you can install the new 1. If so, you volition receive a notification stating that you must uninstall the previous version before you can keep.

To manually configure OneDrive on a Windows device, see Sync files with the OneDrive sync app in Windows.

Manually install and configure OneDrive on a macOS device

For info virtually installing the OneDrive app on a estimator running macOS or adding a work account to an existing installation, see Sync files with the OneDrive sync app for Mac.

Install OneDrive on Windows devices by using scripting methods

To silently install the OneDrive sync app on an individual figurer, run the post-obit command:

              <pathToExecutable>\OneDriveSetup.exe /silent

To silently update the OneDrive sync app, run the following command:

              <pathToExecutable>\OneDriveSetup.exe /update

For info almost enabling silent account configuration, meet Silently configure user accounts.

Deploy and configure OneDrive through Windows Autopilot

Windows Autopilot provides a simple manner to deliver PCs to users. It is an culling to the traditional system imaging you typically perform when provisioning a new computer or repurposing an existing computer for a user. Rather than using deployment tools such as Microsoft Endpoint Configuration Manager, y'all can register your hardware info in Azure, and apply a deployment profile to command the out-of-box feel and register the device in Azure Active Directory (Azure Advertisement).

From there, Intune tin deploy apps such as OneDrive to the device automatically. To deliver OneDrive during this process, complete the configuration steps in Deploy OneDrive past using Intune.

For an overview of Windows Autopilot, see Overview of Windows Autopilot.

Deploy OneDrive past using Intune

To deploy the mobile apps to Android or iOS, or the sync app to Windows x, follow the steps in Deploy OneDrive apps by using Intune, or accept a await at the post-obit video.

Deploy OneDrive using Microsoft Endpoint Configuration Managing director

To deploy the OneDrive sync app to Windows using Microsoft Endpoint Configuration Manager, see Deploy OneDrive apps by using Microsoft Endpoint Configuration Managing director.

Before you can deploy applications to computers running macOS, you need to complete some prerequisite tasks on the Microsoft Endpoint Configuration Managing director site. For detailed info about these prerequisites and how to prepare a Configuration Managing director environment for Mac management, see Fix to deploy client software to Macs. When you've completed the prerequisites, you can deploy applications to Macs by completing the steps described in Create Mac figurer applications with Configuration Director. For info about configuring the OneDrive sync app for macOS, see Deploy and configure the new OneDrive sync app for Mac.

Manage OneDrive

The tools and technologies yous utilize to manage OneDrive are based on the private direction chore you desire to perform. The post-obit table shows the three master categories to consider when managing OneDrive and the technologies and methods available for that category.

Category Tasks Applied science or method
OneDrive organization-wide settings Manage settings such as storage limits and sharing capabilities. SharePoint admin center
Microsoft PowerShell
App updates Update the OneDrive sync app or mobile apps MDM (for example, Intune)
Microsoft Endpoint Configuration Manager
Group Policy
SharePoint admin center
Manually
Sync app settings Configure the sync app update band, DLP policies, and other device or app restrictions. MDM (for case, Intune)
Microsoft Endpoint Configuration Director
Group Policy
Manually

The SharePoint admin center enables you to manage OneDrive settings and device admission from one primal location. Some settings in the SharePoint admin center you'll use regardless of any other technologies you use to manage OneDrive (for example, to configure storage infinite settings). Others may overlap management apps in use (for example, the MDM section). Most organizations will apply the SharePoint admin center for some of their settings, but only those organizations without an MDM application would likely use the device admission functionality in the SharePoint admin centre.

  • Sharing - Employ the Sharing page in the SharePoint admin heart to configure your sharing options based on the decisions you made earlier in this guide. To larn more, see Manage sharing settings.

  • Sync - On the Settings page in the SharePoint admin heart, select Sync to configure sync restrictions based on file types, crave that synced devices be domain joined, or restrict synchronization from computers running macOS. Depending on your device management tool, the PC device restrictions in this section may overlap other management settings.

  • Storage limit - On the Settings folio in the SharePoint admin center, select Storage limit to specify the default OneDrive storage limit for users in your organization. This organisation-wide configuration setting is applicable to all organizations, regardless of the device management tool they use.

  • Retention - On the Settings page in the SharePoint admin center, select Retentivity to configure data retention settings for users whose accounts have been deleted (the maximum value is ten years). This organization-wide configuration setting is applicable to all organizations, regardless of the device management tool they use. Use this folio to configure the data retentivity value based on the decisions you fabricated in Part 2, Plan for OneDrive for enterprises.

  • Notifications - On the Settings page in the SharePoint admin heart, select Notifications to define if OneDrive users should receive notifications about file activity. For info most enabling these options, meet Plough on external sharing notifications for OneDrive.

  • Device Access - Apply the Access control page in the SharePoint admin center.

Manage OneDrive past using the Microsoft 365 compliance center

The Microsoft 365 compliance center provides a centralized location to auditing, DLP, retention, eDiscovery, and alerting capabilities within Microsoft 365 that are applicative to OneDrive. Yous can create DLP policies from templates that protect certain types of data, such as Social Security numbers, cyberbanking data, and other financial and medical content. Some capabilities won't exist available if you're using Intune (for instance, device management). For a walkthrough of how to create DLP policies and utilise them to OneDrive, see Create a DLP policy from a template.

Manage OneDrive settings by using Intune

To manage OneDrive sync app settings by using Intune, you tin apply Authoritative templates.

Manage OneDrive by using third-party MDM tools

Intune isn't the just MDM option you tin can use to manage OneDrive apps and settings. For info about managing OneDrive for Windows 10 by using VMware AirWatch, see Modern Management for Windows 10. For info about managing OneDrive for Windows 10 by using MobileIron, see Windows x in the Enterprise.

Manage OneDrive by using Grouping Policy

Y'all tin utilize Group Policy to manage OneDrive settings for domain-joined computers in your environment. For info, come across Use OneDrive policies to control OneDrive sync app settings. Using Group Policy, you tin can redirect and movement Windows known folders to OneDrive, and enable silent account configuration.

Manage OneDrive using Microsoft Endpoint Configuration Manager

Because Windows devices that yous utilise Microsoft Endpoint Configuration Manager to manage are either domain joined (and therefore managed in Active Directory) or administered through Intune, the role of Configuration Manager in managing OneDrive settings is limited. When using Configuration Director to manage OneDrive, Microsoft recommends using either Group Policy or Intune, depending on whether the device is domain joined.

Configuration Director tin manage OneDrive updates and configuration alongside other updates in your environment, such equally for Windows and Office applications.

Manage OneDrive updates using Microsoft Endpoint Configuration Managing director

To manually push an update to the OneDrive sync app on a Windows device, start past downloading the updated OneDrive sync app from OneDrive for Windows. This method is typically applicative but for older installations of Office running on devices with a Windows version earlier than Windows 10 that are not updating OneDrive as office of their other updates.

After you download the app, yous tin create a script in Configuration Director by following the process in Create and run PowerShell scripts from the Configuration Managing director Console or by using a traditional script-based application such every bit that in Create applications in Configuration Managing director. When using either pick, the control to update the OneDrive sync app using the installer is:

              <pathToExecutable>\OneDriveSetup.exe /update /restart