Regarding the OneDrive connect to SharePoint 2019 On Premise

%3CLINGO-SUB%20id%3D%22lingo-sub-874482%22%20slang%3D%22en-US%22%3ERegarding%20the%20OneDrive%20connect%20to%20SharePoint%202019%20On%20Premise%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-874482%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20there%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20scenario%20is%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20SharePoint%20Personal%20Site%20with%20OneDrive%20mapping%20to%20an%20internet%20DNS%20(%3CSTRONG%3E%3CEM%3EExtranet%3A%20%3CA%20href%3D%22http%3A%2F%2Fonedrive.litwareinc.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fonedrive.litwareinc.com%2F%3C%2FA%3E%3B%20Default%3A%20http%3A%2F%2Fhostname%3APort%20Number%3C%2FEM%3E%3C%2FSTRONG%3E)%20by%20using%20SharePoint%20AAM.%20Currently%2C%20our%20client%20could%20connect%20their%20own%20OneDrive%20by%20using%20the%20latest%20version%20of%20%3CEM%3E%3CSTRONG%3EOneDrive%20App%3C%2FSTRONG%3E%3C%2FEM%3E%20via%20%3CSPAN%3Ehttp%3A%2F%2Fhostname%3APort%20Number%3C%2FSPAN%3E%20on%20their%20Laptop%20or%20Desktop.%20When%20they%20connect%20to%20OneDrive%2C%20they%20could%20put%20their%20email%20address%20(It's%20a%20%3CEM%3E%3CSTRONG%3ECompany%20mail%20address%20NOT%20Office365%20or%20Microsoft%20Account%3C%2FSTRONG%3E%3C%2FEM%3E)%20and%20password%20into%20the%20popup%20windows%20to%20grant%20the%20authorization%20from%20internal%20OneDrive.%20That's%20a%20normal%20situation.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%5B%20NOTE%20%5D%20(%3C%2FSPAN%3E%3CEM%3E%3CSPAN%3EWe%20have%20already%20changed%20the%20settings%20according%20to%20the%20document%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Finstall%2Fnew-onedrive-sync-client%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Finstall%2Fnew-onedrive-sync-client%3C%2FA%3E.%20At%20this%20moment%20users%20can%20use%20DOMAIN%5CUSER%20ACCOUNT%20to%20Sync%20files%20to%20their%20computer%20(Laptop%20or%20Desktop)%20by%20using%20OneDrive%20App).%3C%2FSPAN%3E%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20big%20problem%20is%20when%20we%20attempt%20to%20connect%20the%20Personal%20Site%20from%20the%20internet%20address%20%3CSPAN%3E(%3C%2FSPAN%3E%3CSTRONG%3E%3CEM%3EExtranet%3A%20%3CA%20href%3D%22http%3A%2F%2Fonedrive.litwareinc.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fonedrive.litwareinc.com%2F%3C%2FA%3E%3C%2FEM%3E%3C%2FSTRONG%3E%3CEM%3E)%3C%2FEM%3E%2C%20it%20is%20successful%20to%20login%20their%20own%20Personal%20Site%20to%20access%20the%20certain%20document%20library.%20If%20they%20click%20the%20%22Sync%22%20feature%2C%20SharePoint%20will%20call%20%3CSPAN%3EOneDrive%20App%20%3C%2FSPAN%3Eand%20the%20popup%20window%20comes%20up%20for%20asking%20us%20put%20the%20User%20Account%20and%20Password.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20the%20format%20of%20user%20account%20is%20DOMAIN%5CUSER%20ACCOUNT%20and%20password%2C%20%3CSPAN%3EOneDrive%20App%20%3C%2FSPAN%3Eworks%20properly.%20%3CEM%3E%3CSTRONG%3EBUT%20if%20the%20format%20of%20user%20account%20is%20Email%20address%2C%20the%20OneDrive%20App%20will%20bring%20us%20to%20login%20page%20of%20Office%20365.%20Most%20of%20Users%20don't%20have%20Office%20365%20accounts.%3C%2FSTRONG%3E%3C%2FEM%3E%3C%2FP%3E%3CP%3E%3CEM%3E%3CSTRONG%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3C%2FEM%3EMy%20question%20is%20the%20OneDrive%20lives%20in%20the%20Intranet.%20When%20user%20access%20their%20OneDrive%20from%20outside%20via%20internet%20by%20using%20%3CEM%3E%3CSTRONG%3EOneDrive%20App%3C%2FSTRONG%3E%3C%2FEM%3E%20on%20their%20Laptop%20or%20Desktop%2C%20whether%20or%20not%20they%20could%20use%20company%20email%20address%20(NOT%20Office365%20Account)%20as%20a%20login%20Account%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20everyone%20on%20this%20issue.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWILL%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-874482%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOneDrive%20for%20Business%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESync%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-876015%22%20slang%3D%22en-US%22%3ERe%3A%20Regarding%20the%20OneDrive%20connect%20to%20SharePoint%202019%20On%20Premise%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-876015%22%20slang%3D%22en-US%22%3ENo%2C%20since%20you%20said%20%22not%20all%20users%20have%20an%20account%22%2C%20this%20means%20that%20your%20domain%20is%20registered%20in%20Office%20365%2C%20which%20means%20all%20domain%20accounts%20will%20route%20to%20Office%20365%2C%20so%20you%20must%20use%20the%20domain%5Cusername%20format%20when%20doing%20on-prem%20if%20you%20don't%20have%20those%20users%20synced%20to%20365%20that%20could%20be%20causing%20the%20issue%20because%20that%20domain%20format%20will%20go%20looking%20in%20office%20365%20Azure%20AD.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-876029%22%20slang%3D%22en-US%22%3ERe%3A%20Regarding%20the%20OneDrive%20connect%20to%20SharePoint%202019%20On%20Premise%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-876029%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F869%22%20target%3D%22_blank%22%3E%40Chris%20Webb%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3Elet%20me%20repeat%20it%20once%20again.%20so%20Chris%2C%20you%20mean%20we%20have%20got%20to%20let%20Office365%20know%20currently%20we%20want%20to%20login%20which%20Domain%20so%20that%20when%20Office365%20finds%20the%20format%20is%20DOMAIN%5CUSER%20ACCOUNT%20then%20it%20will%20redirect%20to%20internal%20DOMAIN%20otherwise%20it%20will%20be%20treated%20as%20a%20Office%20365%20account.%20Is%20my%20concept%20correct%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-876031%22%20slang%3D%22en-US%22%3ERe%3A%20Regarding%20the%20OneDrive%20connect%20to%20SharePoint%202019%20On%20Premise%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-876031%22%20slang%3D%22en-US%22%3EPretty%20much%2C%20since%20your%20domain%20exists%20in%20Office%20365.%20You%20might%20be%20able%20to%20get%20around%20it%20by%20adding%20your%20on-prem%20URL's%20to%20trusted%20regions%20and%20having%20it%20%22Auto%20logon%20using%20local%20username%20and%20password%22%20set%20for%20trusted%20zone%2C%20but%20it's%20been%20a%20long%20time%20since%20I%20messed%20with%20a%20hybrid%20style%20setup.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-876036%22%20slang%3D%22en-US%22%3ERe%3A%20Regarding%20the%20OneDrive%20connect%20to%20SharePoint%202019%20On%20Premise%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-876036%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F869%22%20target%3D%22_blank%22%3E%40Chris%20Webb%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethat%20will%20become%20so%20complicate.%20if%20my%20user%20they%20insist%20on%20using%20Email%20for%20logging%2C%20we%20need%20to%20let%20365%20trust%20our%20URL%20of%20OneDrive%20(%3CA%20href%3D%22http%3A%2F%2Fonedrive.litwareinc.pri%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fonedrive.litwareinc.pri%3C%2FA%3E)%20and%20setup%20%3CSPAN%3E%22Auto%20logon%20using%20local%20username%20and%20password%22.%20do%20we%20need%20a%20Hybrid%20architecture%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EBTW%20do%20we%20also%20need%20to%20sync%20ad%20user%20account%20to%20AAD%20by%20using%20AAD%20connector%3F%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Frequent Contributor

Hi there,

 

The scenario is:

 

I have a SharePoint Personal Site with OneDrive mapping to an internet DNS (Extranet: http://onedrive.litwareinc.com/; Default: http://hostname:Port Number) by using SharePoint AAM. Currently, our client could connect their own OneDrive by using the latest version of OneDrive App via http://hostname:Port Number on their Laptop or Desktop. When they connect to OneDrive, they could put their email address (It's a Company mail address NOT Office365 or Microsoft Account) and password into the popup windows to grant the authorization from internal OneDrive. That's a normal situation.

 

[ NOTE ] (We have already changed the settings according to the document : https://docs.microsoft.com/en-us/sharepoint/install/new-onedrive-sync-client. At this moment users can use DOMAIN\USER ACCOUNT to Sync files to their computer (Laptop or Desktop) by using OneDrive App).

 

The big problem is when we attempt to connect the Personal Site from the internet address (Extranet: http://onedrive.litwareinc.com/), it is successful to login their own Personal Site to access the certain document library. If they click the "Sync" feature, SharePoint will call OneDrive App and the popup window comes up for asking us put the User Account and Password. 

 

If the format of user account is DOMAIN\USER ACCOUNT and password, OneDrive App works properly. BUT if the format of user account is Email address, the OneDrive App will bring us to login page of Office 365. Most of Users don't have Office 365 accounts.


My question is the OneDrive lives in the Intranet. When user access their OneDrive from outside via internet by using OneDrive App on their Laptop or Desktop, whether or not they could use company email address (NOT Office365 Account) as a login Account? 

 

Thanks everyone on this issue.

 

WILL

4 Replies
Highlighted
No, since you said "not all users have an account", this means that your domain is registered in Office 365, which means all domain accounts will route to Office 365, so you must use the domain\username format when doing on-prem if you don't have those users synced to 365 that could be causing the issue because that domain format will go looking in office 365 Azure AD.
Highlighted

@Chris Webb 

let me repeat it once again. so Chris, you mean we have got to let Office365 know currently we want to login which Domain so that when Office365 finds the format is DOMAIN\USER ACCOUNT then it will redirect to internal DOMAIN otherwise it will be treated as a Office 365 account. Is my concept correct?

Highlighted
Pretty much, since your domain exists in Office 365. You might be able to get around it by adding your on-prem URL's to trusted regions and having it "Auto logon using local username and password" set for trusted zone, but it's been a long time since I messed with a hybrid style setup.
Highlighted

@Chris Webb 

that will become so complicate. if my user they insist on using Email for logging, we need to let 365 trust our URL of OneDrive (http://onedrive.litwareinc.pri) and setup "Auto logon using local username and password". do we need a Hybrid architecture?

 

BTW do we also need to sync ad user account to AAD by using AAD connector??