Configuring Shared PC mode with OneDrive sync enabled and configured

This week another short blog post about another nice configuration addition to Windows. This time it’s about configuring Shared PC mode with OneDrive sync. Shared PC mode on itself is nothing new, or special, but there was something missing. That something was the OneDrive sync, as there are scenarios in which it’s still required to use OneDrive on a Shared PC. The default behavior of Windows, however, was to prevent the usage of OneDrive, once Shared PC mode was enabled. That’s still the case but starting with Windows 11 version 22H2 a new setting is introduced that enables IT administrators to enable Shared PC mode with OneDrive sync enabled. A new setting to enabled Shared PC mode. This post will start with a short introduction about that new setting, followed with the steps to configure Shared PC mode with OneDrive sync enabled and configured. This post will end with showing the behavior after applying the configuration.

Note: This new setting is introduced with the updates to MDM in Windows 11 version 22H2 and are also expected to be available for Windows 10 and later. There is, however, no clear documentation about that.

Introducing new Shared PC mode setting

When looking at configuring Shared PC mode, the configuration is achieved by relying on the SharedPC CSP. That CSP contains the different settings that are available for configuring the different components of Shared PC mode on Windows devices. Starting with Windows 11 version 22H2, that CSP now contains an additional node that can be used to enable Shared PC mode with OneDrive sync enabled. The table below provides an overview of that new setting and how it can be used.

Settings	Description
EnableSharedPCModeWithOneDriveSync	This policy setting can be used to configure a device to Shared PC mode with OneDrive sync turned on. That setting can be configured with a boolean value that can be set to true or false.

Note: The root node of the SharedPC CSP is ./Device/Vendor/MSFT/SharedPC/.

Configuring Shared PC mode with OneDrive sync

When looking at configuring Shared PC mode with OneDrive sync enabled and configured, that requires multiple configuration steps. Especially since the new setting in the SharedPC CSP is not yet available within Microsoft Intune. That means a custom configuration profile is currently required to at least configure that setting. At this moment the most obvious configuration strategy for Shared PC mode with OneDrive sync enabled and configured, contains three steps.

Step 1: Enable Shared PC mode with OneDrive sync

The first step is to actually configure Windows devices, to enable Shared PC mode with OneDrive sync enabled. When looking at that configuration, using the SharedPC CSP, and using Microsoft Intune for the configuration, the configuration is actually pretty straight forward. In the future it will probably even become easier. For now, the configuration will still rely on using a custom device configuration profile. The following nine steps walk through the creation of that custom device configuration profile, with the settings to enabled Shared PC mode with OneDrive sync enabled.

1. Open Microsoft Endpoint Manager admin center navigate to Devices > Windows > Configuration profiles
2. On the Windows | Configuration profiles blade, click Create profile
3. On the Create a profile blade, provide the following information and click Create

• Platform: Select Windows 10 and later as the platform for the configuration profile
• Profile type: Select Templates as the profile type for the configuration profile
• Template name: Select Custom as the template name for the configuration profile

1. On the Basics page, specify a valid Name and optionaly a Description and click Next
2. On the Configuration settings page, as shown below in Figure 1, click Add to add rows for the following custom settings and click Next

• OMA-URI setting 1 – This setting is used to enable Shared PC mode with OneDrive sync enabled
  • Name (1): Provide a name for the OMA-URI setting to distinguish it from other similar settings
  • Description: (Optional) Provide a description for the OMA-URI setting to further differentiate settings
  • OMA-URI (2): Specify ./Device/Vendor/MSFT/SharedPC/EnableSharedPCModeWithOneDriveSync
  • Data type (3): Select Boolean as data type for the configuration of the value of the setting
  • Value (4): Select True as value to configure Shared PC mode with OneDrive sync enabled

Figure 1: Overview of the custom configuration for the Shared PC mode with OneDrive sync

1. On the Scope tags page, configure the required scope tags click Next
2. On the Assignments page, configure the required assignment and click Next
3. On the Applicability rules page, configure the required applicability rules and click Next
4. On the Review + create page, verify the configuration and click Create

Note: At some point in time these settings might become directly available within Microsoft Intune.

Step 2: Configuring additional Shared PC mode settings

The second step is to further configure Shared PC mode. When looking at that configuration, using the SharedPC CSP, and using Microsoft Intune for the configuration, the focus goes to the Settings Catalog. The Settings Catalog contains the required settings and provides an easy method for applying those settings. The following eight steps walk through the configuration of further configuring Shared PC mode, by using the available settings in the Settings Catalog. It provides all the settings that might add value to the configuration of Shared PC mode itself.

1. Open Microsoft Endpoint Manager admin center and navigate to Devices > Windows > Configuration profiles
2. On the Windows | Configuration profiles blade, click Create profile
3. On the Create a profile blade, provide the following information and click Create

• Platform: Select Windows 10 and later to create a profile for Windows 10 devices
• Profile: Select Settings catalog to select the required setting from the catalog

1. On the Basics page, provide the following information and click Next

• Name: Provide a name for the profile to distinguish it from other similar profiles
• Description: (Optional) Provide a description for the profile to further differentiate profiles
• Platform: (Greyed out) Windows 10 and later

1. On the Configuration settings page, as shown below in Figure 2, perform the following actions and click Next

• Click Add settings and perform the following in Settings picker
  • Select Shared PC as category
  • Select the required settings related to Shared PC mode of the available settings Account Mode, Deletion Policy, Disk Level Caching, Disk Level Deletion, Enabled Account Manager, Inactive Threshold, Maintenance Start Time, Kiosk Mode User Tile Display Text, Kiosk Mode AUMID, Restrict Local Storage, Set Power Policies and Sign In On Resume as setting
  • Configure the required settings that suite the environment with the values like the following (examples)
    • Select Guest and Domain with Account Mode to configure the type of accounts that are available
    • Select Delete at disk space threshold with Deletion Policy to configure when accounts will be deleted
    • Specify 25 with Disk Level Caching to configure when to stop deleting accounts
    • Specify 25 with Disk Level Deletion to configure when to start deleting accounts
    • Select true with Enabled Account Manager to enabled account manager
    • Specify 30 with Inactive Threshold to configure when to start deleting inactive accounts
    • Specify 6 with Maintenance Start Time to configure maintenance mode daily at 6PM
    • Specify a text with Kiosk Mode User Tile Display Text to display a text with the account shown on the sign-in screen that launches the app specified with the Kiosk Mode AUMID setting
    • Specify an AUMID with Kiosk Mode AUMID to configure the app to be used assigned access
    • Select false with Restrict Local Storage to allow the use of local storage on the device
    • Select true with Set Power Policies to configure the power policies on the device
    • Select true with Sign In On Resume to require the signing in after waking up from sleep

Figure 2: Overview of the settings catalog configuration for the Shared PC mode

1. On the Scope tags page, configure the required scope tags and click Next
2. On the Assignments page, configure the assignment and click Next
3. On the Review + create page, verify the configuration and click Create

Important: Keep in mind that to be able to access OneDrive storage, access to local storage should not be restricted.

Step 3: Configuring OneDrive sync

The third step is to further configure OneDrive sync. When looking at that configuration, the most obvious option would also be to use the Settings Catalog. The Settings Catalog contains the required settings and provides an easy method for applying those settings. The configuration of those settings are similar to the steps used in step 2, to further configure Shared PC mode. Simply walkthrough the different steps again and use at least the following settings instead.

• Enable Silently sign in users to the OneDrive sync app with their Windows credentials, to automatically configure the OneDrive sync app for the user
• Enable Use OneDrive Files On-Demand, to automatically configure the files on demand feature for the OneDrive sync app
• Enable Silently move Windows known folders to OneDrive, to automatically move known folders to OneDrive

Verifying Shared PC mode with OneDrive sync configuration

When all the configurations are in place, it’s time to verify the experience. The easiest method would be to simply sign-in to Windows with an Azure AD account and to experience the automatic enablement and configuration of OneDrive sync. All the settings, configured in the different steps, are part of that complete experience that will result in a successfully configured OneDrive sync (as shown below in Figure 3, with number 2). Another easy method to show the successful configuration in a single screenshot, is by looking at the SharedPCSetup.log file that is available in C:\Windows. That log file will clearly state that Shared PC mode with OneDrive sync is configured (as shown below in Figure 3, with number 1).

Figure 3: Overview of the successful configuration of Shared PC mode with OneDrive sync enabled

More information

For more information about configuring Shared PC Mode, refer to the following docs.