Mitigating issues with Microsoft OneDrive on Mac

A Mac user for 20 years, for as long as I can remember, Microsoft has had issues with stability and reliability on Macintosh. The Office apps would feel unnecessarily heavy and frequently quit. One had to make sure to always keep them up to date, and they would behave somewhat better. Though they have gotten a lot more stable with recent versions, I learned what might be part of the reason at last year’s MacSysAdmin conference in Göthenburg: Microsoft is using most of the code from Windows, emulating the Windows registry on Mac, instead of writing an entirely native program.

OneDrive also has issues on macOS:

  • It does not allow files that contain unsupported characters or leading and trailing spaces to be synced. If a folder has an unsupported character, the contents will not sync at all. This would not be such a big issue if Finder would warn users about unsupported characters, but since it does not, users will create them without even intending to. The end result can far too often be a backup system that isn’t working properly and hundreds of files that will not sync. One cannot realistically expect users to manually correct these themselves.
  • It is somewhat unstable, and can quit unexpectedly. Another issue is users quitting the program and not restarting it, effectively disabling cloud backups. You can set the OpenAtLogin preference to have OneDrive start up on user login, but sometimes this isn’t sufficient – many users seldom log out.
  • It cannot back up the Desktop, Pictures and Documents folders, like iCloud Drive can, so users will have to make sure to save their documents in the OneDrive folder.

To mitigate these issues:

  • Microsoft has promised to include functionality that will prompt the user to fix invalid filenames (I hope they will give us the option to enable automatic changes).
  • While waiting for Microsoft to address the issue, you can let users fix the filenames from Jamf Self Service. I have adapted dsavage’s filename correction script for the purpose. It will make a backup before fixing filenames and logs the changes it makes – it will also provide the user with detailed information using Jamf messaging.
  • Get the OneDrive filename correction script for Jamf Self Service on GitHub. This version takes only seconds to run, while still logging and making a backup, provided the file system is APFS. If you want it to run even faster, you can comment out the backup section.
  • To see the extent of the filename sync issues users are having, you can use a Jamf Extension Attribute I wrote, that counts the numbers of files with issues. You could then create a pop-up, notifying users that they have sync issues and telling them how to fix them using the Self Service script above.
  • If you like taking risks, you could probably run a modified version without messaging silently on the same Jamf smart group. Test this thoroughly and roll it out slowly, if you do (and let me know how it works out for you).
  • To address reliability issues, I created a script to kickstart OneDrive if the user has set it up, but it is not running. I suggest you run it once per day. To only run the script on machines that have set up OneDrive where it is not running, you can use it in combination with extension attributes that see if OneDrive is configured and running and Jamf Smart Groups, though the script does check for this as well (meaning you should also be able to use it with a less capable MDM solution).

There is a script that can set up Desktop, Pictures and Documents folder sync: MacOS-OneDrive-KFM. It uses symlinks to replace the folders with ones that are inside the OneDrive folder. I would advise against making such modifications without Apple supporting them, not the least because Apple has started using special files for their own cloud sync extensively in these areas, but also because I wouldn’t generally recommend modifying parts of the OS that the vendor consider theirs. iCloud Drive is what Apple intended for backing up these folders – though it is more of a solution for private than enterprise use, and should be disabled in many settings for compliance reasons.

A solution from another vendor should ideally make one-way backups of these folders without replacing them with symlinks. If you have a large IT team, completely disable automatic OS updates and are ready for this setup causing trouble at some point in the future, moving and symlinking could be an alternative.

A safer alternative for OneDrive would be educating users to save files in the OneDrive folder, helping them move their files there, and setting the DefaultsToLocalOpenSave preference to false.

Make sure to run the most recent stable version of OneDrive and Microsoft Office and keep users up-to-date. Unless you have a good reason not to, keep background auto-updates enabled.

It is worth mentioning that Google’s solution is able to backup the Desktop, Pictures and Documents folders, though I haven’t had the opportunity to study how it does so or test how well it works.

Macintosh administration and Microsoft:

  • Hopefully, Microsoft will make the user experience even better by letting organizations prefill the username for OneDrive (and Teams) with a preference, like we can with Office and Skype for Business.
  • Microsoft has dedicated a skilled team to assist Macintosh enterprise deployment of their apps, many of whom are available on the macadmins slack. They have also made available packages suitable for MDM distribution as well as a host of useful preference settings, on their site. The more of us get in touch with them with our concerns, the larger the probability that they will address the shortcomings.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s