Central administration using Group Policies
In VisualDrive Server, deployment and central administration of the OneDrive sync app happen through Group Policy settings.
This document outlines the related group policies and contains recommendations for their deployment.
Configuring OneDrive with group policies
The OneDrive sync app has various policy settings that control the server location and other functionality, for example:
- Server URL
- Organization name
- Silently sign in with domain credentials
- Known Folder Move (Desktop, Documents, Pictures)
These policies can be deployed and administered with the help of Group Policy Objects (GPOs).
VisualDrive Server Manager simplifies deploying group policies by providing predefined GPO types and an ability to create, edit, and link them in the Active Directory environment.
Group Policy Object types
VisualDrive Server Manager allows administrators to create the following GPO types:
| GPO type | Purpose | Recommended scope |
|---|---|---|
| Server Advertisement | Informs the OneDrive client app of the VisualDrive Server instance location, enabling on-premises sync. | Whole domain¹ |
| Silent Deployment | Automatically signs users into the OneDrive app, connecting them to VisualDrive Server. | Small initial scope, gradually expanded |
| Known Folder Move | Enables automatic backup and sync of data in users’ Desktop, Documents, and Pictures folders. | Small initial scope, gradually expanded |
| Custom | Deploys any custom configuration. | Any custom scope |
¹ Server Advertisement GPO should use the widest possible scope, because it doesn’t automatically connect the OneDrive app to VisualDrive Server, but only makes such connection possible.
Phased deployment and GPO scope expansion
For GPOs marked "gradually expanded", it is recommended to deploy them in phases:
- Start with a small, controlled group of computers
- Confirm the policies apply correctly and function as intended
- Gradually expand the GPO’s scope to a wider set of computers
The scope expansion can be performed using one of the following methods:
-
Using GPO Links
Link the GPO to a specific Organizational Unit (OU) containing a small group of computers. Gradually expand the scope by linking to additional OUs. -
Using GPO Security Filtering
Configure security filtering to target a specific small set of computers. Gradually expand the filter to include more computers.
Recommended group policy deployment plan
Follow this recommended approach for deploying group policies in VisualDrive Server:
- Create the Server Advertisement GPO, targeting the widest possible scope
- Create the Silent Deployment GPO, targeting a small initial scope
- Create the Known Folder Move GPO, targeting a small initial scope
- Gradually expand scope of Silent Deployment and Known Folder Move GPOs
- Optionally, create additional custom GPOs with policies specific to your environment