Forum Discussion

Samer Rustom's avatar
Samer Rustom
Copper Contributor
Jun 28, 2023

Prevent user from unlinking their business account on OneDrive

Please guide me on how to configure this on the group policy on server 2019

 LeonPavesic  Please help me

  • Hi Samer Rustom,

    To prevent users from unlinking their business account on OneDrive, you can configure a Group Policy setting on Windows Server 2019. Here's how you can do it:

    1. Open the Group Policy Management Console on your Windows Server 2019.
    2. Navigate to the appropriate Group Policy Object (GPO) where you want to apply the policy. Alternatively, you can create a new GPO specifically for this setting.
    3. Right-click on the selected GPO and choose "Edit" to open the Group Policy Editor.
    4. In the Group Policy Editor, navigate to the following path:

    User Configuration > Policies > Administrative Templates > OneDrive

    5. In the right pane, locate the policy setting named "Prevent users from syncing personal OneDrive accounts".
    6. Double-click on the policy setting to open its properties.
    7. Select the "Enabled" option.
    8. Click "OK" to save the changes.

    By enabling this policy, users will be restricted from unlinking their business accounts on OneDrive. They won't be able to add or remove accounts associated with OneDrive on their devices.

    Remember to link the GPO to the appropriate Organizational Unit (OU) or group containing the user accounts to apply the policy.

     

    I hope this helps! Let me know if you have any further questions.

    Kindest regards

  • LeonPavesic's avatar
    LeonPavesic
    Silver Contributor

    Hi Samer Rustom,

    To prevent users from unlinking their business account on OneDrive, you can configure a Group Policy setting on Windows Server 2019. Here's how you can do it:

    1. Open the Group Policy Management Console on your Windows Server 2019.
    2. Navigate to the appropriate Group Policy Object (GPO) where you want to apply the policy. Alternatively, you can create a new GPO specifically for this setting.
    3. Right-click on the selected GPO and choose "Edit" to open the Group Policy Editor.
    4. In the Group Policy Editor, navigate to the following path:

    User Configuration > Policies > Administrative Templates > OneDrive

    5. In the right pane, locate the policy setting named "Prevent users from syncing personal OneDrive accounts".
    6. Double-click on the policy setting to open its properties.
    7. Select the "Enabled" option.
    8. Click "OK" to save the changes.

    By enabling this policy, users will be restricted from unlinking their business accounts on OneDrive. They won't be able to add or remove accounts associated with OneDrive on their devices.

    Remember to link the GPO to the appropriate Organizational Unit (OU) or group containing the user accounts to apply the policy.

     

    I hope this helps! Let me know if you have any further questions.

    Kindest regards

    • Samer Rustom's avatar
      Samer Rustom
      Copper Contributor
      Thank you LeonPavesic for your support.
      I followed your steps and the policy is configured as it should be.
      Please guide me how to apply it to a specific OU or to all users please.
      LeonPavesic
      • LeonPavesic's avatar
        LeonPavesic
        Silver Contributor

        Hi Samer Rustom,

        thanks for the update and your question.

        To apply the Group Policy to a specific Organizational Unit (OU) or to all users, you can follow these steps:

        1. Open the Group Policy Management Console on your Windows Server 2019.

        2. Expand the domain in the console tree and locate the OU to which you want to apply the policy.

        3. Right-click on the OU and select "Create a GPO in this domain, and Link it here..." option.

        4. Enter a name for the new GPO, such as "OneDrive Account Unlinking Policy."

        5. Click "OK" to create the new GPO and link it to the selected OU.

        6. Right-click on the newly created GPO and choose "Edit" to open the Group Policy Editor.

        7. In the Group Policy Editor, navigate to the path mentioned earlier:

          User Configuration > Policies > Administrative Templates > OneDrive

        8. Configure the "Prevent users from syncing personal OneDrive accounts" policy setting as described previously.

        9. Close the Group Policy Editor.

        The policy is now linked to the selected OU and will be applied to the users within that OU. If you want to apply the policy to all users in the domain, you can link the GPO to the domain root instead of a specific OU.

        Kindest regards

        Leon Pavesic

    • MohamedArief's avatar
      MohamedArief
      Copper Contributor

      LeonPavesic 

       

      actually we tried this .Its not working even after applied policy user can still unlink the one drive from pc

       

      Can we disable this unlink button?

       

Resources