A PST is commonly used when a company sets a max threshold of time to store old emails in Outlook in the interest of saving space. An employee, not wanting to lose important messages from the past can create a PST to ensure continued access of these old emails. There’s nothing inherently wrong with this method, until the file sync with OneDrive occurs.
Here’s the issue: When a PST file is synced to OneDrive it has the potential to duplicate each time it is modified. I found this out the hard way in a previous role. I was using PST files to store old emails when my administrator reprimanded me for having used over a Terabyte of space. Turns out, my PST files had been duplicating in OneDrive each time I applied an update. It wasn’t the most pleasant conversation, and it was one that could have been easily avoided had PSTs been prevented from syncing with OneDrive.
Shortcuts on a Borrowed Device
Another instance where blocking certain files from syncing with OneDrive can be beneficial pertains to shortcuts. Picture this common scenario: you’ve traveled to your office only to realize you’ve forgotten your computer at home (this has happened to me more than I care to admit). Well, you’re there and you certainly don’t want to travel back home to gather your laptop. So, you borrow a loaner computer from IT to work for the day. You sign into the loaner using your regular profile that is synced with OneDrive.
What you are not realizing is that this newly registered profile on the loaner computer is creating duplicate shortcuts in OneDrive. Now that the shortcuts have doubled up, you’re eating up space and muddying the OneDrive environment. It’s an innocent enough mistake, but one that can become a major headache if repeated often enough.
The Sensitive File
A final instance may occur is when a particular department has created a document with confidential information. They may simply not want such files synced in OneDrive. I’ll occasionally see this kind of scenario when working with Human Resources or Accounting. It makes sense. The files they are working on have the potential to contain incredibly sensitive data that may need to be locked down to only a certain user or two.
Fortunately, you can block specific files from syncing by naming convention. For instance, if the accounting department wants to block a sync of any file labeled “Accounting_Confidential_2021” you can easily achieve this with Intune.
How to Prevent File Syncs for Shortcuts and PSTs
Intune users can stop these unique files from syncing by following the steps below. Once you understand how this works, you can easily extend or modify the profile to meet your company’s needs .
Navigate to Devices -> Windows -> Configuration profiles
4. Select the following options:
a. At the Platform dropdown, select Windows 10 and later
b. At the Profile type dropdown, select Templates
c. Under Template name, select Administrative Templates
7. Select Enabled and enter the file extensions below under Keywords, one keyword per line.
8. Select OK when all extensions and keywords have been entered
9. Complete the configuration (i.e., Assign Scope Tags and Assignments).
Once the policy applies to the device, OneDrive and PST/shortcuts will show a grey circle icon with a dash through it.
If you are working through Intune setup and need assistance, please contact us. We offer an Endpoint Support service, and we are available for one-off engagements as well.
Get in touch!
Tom is our Modern Work & Security Engineer in the US, based out of South Florida. Having worked most of his 15 years in the IT industry in the medical sector, he was first introduced to the MDM/MAM while working at BlackBerry. Along with his experience working for an MSP (Managed Services Provider), Tom has a strong focus on clients’ business needs, both large and small.