If you’re anything like me, you’ve encountered the issue of unwanted files syncing with OneDrive. Perhaps the files are eating up too much space or maybe they are just meant to be kept in an isolated environment, making the sync problematic. There are a variety of reasons to halt certain files from syncing. Fortunately, Intune has a manageable solution.
 

 

Common File Types You May Want to Prevent from Syncing to OneDrive

Personal Storage Tables (PSTs)

In my personal experience, Personal Storage Table files may cause issues when syncing with OneDrive.  

A PST is commonly used when a company sets a max threshold of time to store old emails in Outlook in the interest of saving space.  An employee, not wanting to lose important messages from the past can create a PST to ensure continued access of these old emails. There’s nothing inherently wrong with this method, until the file sync with OneDrive occurs.  

Here’s the issue: When a PST file is synced to OneDrive it has the potential to duplicate each time it is modified. I found this out the hard way in a previous role.  I was using PST files to store old emails when my administrator reprimanded me for having used over a Terabyte of space. Turns out, my PST files had been duplicating in OneDrive each time I applied an update. It wasn’t the most pleasant conversation, and it was one that could have been easily avoided had PSTs been prevented from syncing with OneDrive. 

 

Shortcuts on a Borrowed Device

Another instance where blocking certain files from syncing with OneDrive can be beneficial pertains to shortcuts. Picture this common scenario: you’ve traveled to your office only to realize you’ve forgotten your computer at home (this has happened to me more than I care to admit). Well, you’re there and you certainly don’t want to travel back home to gather your laptop. So, you borrow a loaner computer from IT to work for the day. You sign into the loaner using your regular profile that is synced with OneDrive.  

What you are not realizing is that this newly registered profile on the loaner computer is creating duplicate shortcuts in OneDrive. Now that the shortcuts have doubled up, you’re eating up space and muddying the OneDrive environment. It’s an innocent enough mistake, but one that can become a major headache if repeated often enough.  

 

The Sensitive File

A final instance may occur is when a particular department has created a document with confidential information. They may simply not want such files synced in OneDrive. I’ll occasionally see this kind of scenario when working with Human Resources or Accounting. It makes sense. The files they are working on have the potential to contain incredibly sensitive data that may need to be locked down to only a certain user or two.  

Fortunately, you can block specific files from syncing by naming convention. For instance, if the accounting department wants to block a sync of any file labeled “Accounting_Confidential_2021” you can easily achieve this with Intune. 

 

How to Prevent File Syncs for Shortcuts and PSTs

Intune users can stop these unique files from syncing by following the steps below. Once you understand how this works, you can easily extend or modify the profile to meet your company’s needs .

  1. Log into the Microsoft Endpoint Manager Admin Center 

  2. Navigate to Devices -> Windows -> Configuration profiles 

  3. Click Create profile 

4.  Select the following options:

a.     At the Platform dropdown, select Windows 10 and later

b.     At the Profile type dropdown, select Templates

c.     Under Template name, select Administrative Templates

Click Create

 

5. Enter a name for the profile, for example,  “Block PST and Shortcut from Syncing to OneDrive”

 

6. Search for Exclude specific kinds of files from being uploaded

7. Select Enabled and enter the file extensions below under Keywords, one keyword per line.

8. Select OK when all extensions and keywords have been entered

9. Complete the configuration (i.e., Assign Scope Tags and Assignments).

 

Once the policy applies to the device, OneDrive and PST/shortcuts will show a grey circle icon with a dash through it.

 

 

Conclusion

If you are working through Intune setup and need assistance, please contact us. We offer an Endpoint Support service, and we are available for one-off engagements as well.

 

 

Get in touch!

TOM BERNARDINI

Tom is our Modern Work & Security Engineer in the US, based out of South Florida. Having worked most of his 15 years in the IT industry in the medical sector, he was first introduced to the MDM/MAM while working at BlackBerry. Along with his experience working for an MSP (Managed Services Provider), Tom has a strong focus on clients’ business needs, both large and small.