Syncing SharePoint Sites To End User Devices Using Intune

Why Sync SharePoint Sites to Local Devices?

Syncing SharePoint sites to local devices enables users to access files stored in SharePoint document libraries directly from their File Explorer without needing to open a browser. This allows for:

• Offline Access: Users can work on documents even without internet connectivity.
• Improved Collaboration: Directly syncing folders helps users collaborate effectively, as shared documents are available locally and sync automatically.
• Enhanced Productivity: Provides an organized and familiar experience by showing SharePoint libraries alongside other files in File Explorer.

How It Works: Technologies, Protocols, and Ports

The solution involves Intune to push policies and configurations, OneDrive for Business as the sync client, and SharePoint Online as the cloud storage for document libraries.

1. Intune: Microsoft’s endpoint management tool delivers configuration profiles to devices.
2. OneDrive Sync Client: This client syncs the SharePoint libraries to the device.
3. SharePoint Online: Cloud-based file storage accessible via Microsoft 365.

Protocols & Ports:

• HTTPS (Port 443): Ensures encrypted data transfer between OneDrive, SharePoint, and the device.
• TCP/IP: Used to establish and maintain network connections.
• OAuth: Protocol for authentication, ensuring secure access to SharePoint and OneDrive resources.

Prerequisites and Requirements

Technical Prerequisites

1. OneDrive Client: Ensure the OneDrive for Business client is installed on devices. Version should support Files On-Demand, typically available on Windows 10 1709 and later.
2. Intune Licensing: Proper Intune licensing is required, usually available with Microsoft 365 E3/E5 plans.
3. User Permissions: Users must have at least read permissions for the SharePoint libraries they need to sync.
4. SharePoint Library IDs: Each library to be synced has a unique Library ID, which will be used in Intune configurations.
5. Network Requirements: Allow access to *.sharepoint.com, *.onedrive.com, and necessary Microsoft 365 endpoints.

Firewall and Network Configuration

To ensure uninterrupted sync, you must allow the following URLs and ports:

• Port 443: For HTTPS secure communication.
• URLs to Allow:*.sharepoint.com*.onedrive.com*.microsoftonline.com*.microsoft.com

Intune Policy Setup for SharePoint Sync

1. Identify Library IDs: The SharePoint library URL format must be modified to get the library ID.
2. Create Intune Configuration Profile:
3. Assign Profile to User Groups:
4. Sync Intune Policy to Device:

Configuring Files On-Demand

Files On-Demand is a critical feature as it helps users save space on local storage by downloading only the files they need.

Benefits of Files On-Demand

• Efficient Storage Use: Files are stored in the cloud by default and downloaded as needed.
• Offline Access: Users can select files to be available offline, ensuring they have access when disconnected from the internet.

Enabling Files On-Demand in Intune

1. In the Intune Admin Center, navigate to Devices > Configuration profiles.
2. Edit the OneDrive configuration profile and ensure Use OneDrive Files On-Demand is set to Enabled.

Troubleshooting Common Issues

Even with the correct configurations, some issues may arise during deployment. Here are potential problems and troubleshooting tips:

1. Policy Not Applying

• Check OneDrive Sign-In: Ensure the user is signed into OneDrive with their organizational account.
• Force Intune Sync: Instruct the user to go to Settings > Accounts > Access work or school and select Sync.

2. SharePoint Library Not Appearing

• Verify Library ID: Ensure the Library ID format is correct and accurately entered in the Intune policy.
• Check Permissions: Verify that the user has at least read access to the SharePoint library.
• Restart OneDrive: Sometimes, restarting the OneDrive client helps apply the policy correctly.

3. Network or Firewall Blocking Sync

If libraries are still not syncing, verify the following network configurations:

• Ensure that Port 443 is open.
• Confirm that *.sharepoint.com and *.onedrive.com are accessible on the network.
• If using a proxy, add these URLs as exceptions to avoid blocking OneDrive.

Sync Cycle: Understanding How Often Libraries Sync

The sync cycle of SharePoint libraries added through Intune works as follows:

• Initial Sync: Begins shortly after the policy is applied and OneDrive is signed in.
• Periodic Sync: OneDrive syncs changes every few minutes. When multiple libraries are synced, each is updated based on usage, with the most recently accessed libraries updated first.

Managing Multiple SharePoint Libraries for Users

When syncing multiple SharePoint libraries, OneDrive will display each library separately in File Explorer under the OneDrive section. Each library will have its own folder, labeled by the site name and library name.

Pros and Cons of Syncing SharePoint Sites with Intune

Pros

• Centralized Management: Simplifies configuration for IT teams by using Intune to push policies to all user devices.
• Seamless User Experience: Users access all necessary libraries in one place.
• Security Compliance: Ensures files remain protected and compliant with organizational policies.

Cons

• Initial Setup Complexity: Requires careful planning and understanding of library IDs, OneDrive policies, and network configurations.
• Sync Delays: Policies may take time to propagate, especially for large organizations.
• Storage Limitations: Syncing many large libraries can strain device storage if Files On-Demand is not enabled.

Final Checklist for Deployment

Before deploying to users, ensure the following:

1. OneDrive Client is Configured and Signed In: Ensure OneDrive is set up with the organization’s account.
2. Files On-Demand Enabled: Confirm Files On-Demand is enabled to manage storage efficiently.
3. Firewall and Network Settings: Verify that *.sharepoint.com and *.onedrive.com URLs and Port 443 are accessible.
4. Intune Policy Testing: Test policies on a small user group before rolling out organization-wide.

Summary

Setting up automatic SharePoint library sync with Intune requires attention to detail, especially regarding library IDs, OneDrive configurations, and network policies. Once properly configured, this setup enhances user productivity by providing streamlined access to files and allowing IT administrators to manage SharePoint library syncing from a central location using Intune.