OneDrive Files on Demand – first steps

OneDrive logo

After much anticipation and playing with Windows Insider previews OneDrive Files on Demand finally hit general release alongside Windows 10 1709 (Fall Creators Update) the other week. I’ve been giving it a test drive over the past week or two along with fellow Network tech Matt Stevens – here’s a few of our observations so far along with workarounds for a couple of teething issues.

Windows 10 build

There is one pretty important requirement to bear in mind with the new Files on Demand feature; it’s only available in build 1709 and above. That means you need to be on the semi-annual (aka CB) branch rather than the LTSB route that some people have taken.


It’s new features like Files on Demand that make the additional work of staying up-to-date worthwhile; so far we have a couple of hundred laptops running 1703 without too much fuss so 1709 should slot in fairly smoothly as we build our images layer-by-layer now using only the pure Microsoft WIM as a starting point.

We tamed (nuked) the built-in apps via a very handy Powershell script we found online (also see alternative version here) that runs during MDT deployment and the Start Menu default tiles are cleaned up via a GPO layout file. Configure your Windows Store for Business (or Education as case would have it), tweak a few more policies for Cortana, Telemetry etc. and Windows 10 becomes much more manageable even on the latest build.

Why Files on Demand?

If you don’t know what all the fuss is about check out the initial Insider announcement:



What it basically means is that we can finally integrate (huge amounts of) cloud storage with our on-premise desktops in a much tighter fashion and dispense with (unsupported) scripts or (expensive) third party tools to access OneDrive on a Windows desktop using File Explorer. It also means not having to deal with WebDAV, which always felt a horribly dated and clunky protocol to use for accessing cloud storage.

As soon as the 1709 ISO hit VLSC I grabbed it from Microsoft, slotted the new WIM into one of my MDT Task Sequences and deployed a VM to give the production version a try. It shows much promise but as always there’s some gotchas that mean nothing is ever quite straightforward.

Client version

Microsoft being Microsoft always have one shoot-self-in-foot moment whenever a new product comes out and this release was no exception. Despite having the freshly downloaded 1709 ISO I noticed that on first launch the client was showing up as 2016 and not the latest 2017 (17.3.7076.1026) that brings in Files on Demand

that’s the one that you want…

There’s a useful summary of the client install \ update process below. It does strike me as odd that the client self-updates and installs from appdata rather than being managed by WSUS.


Similarly it also takes a while to update when deployed on a clean 1709 build due to the initial client being out-of-date. This also means if a user is a bit too quick off the mark they can end up with an old-school full sync rather than Files on Demand.

I’ve been trying to replace the client during the deployment Task Sequence but more testing is required as my initial attempt failed with “Application Microsoft OneDrive 17.3.7073.1013 returned an unexpected return code: 1”.


I’ve added a Suspend action to the Task Sequence and will examine the logs to see what’s going on as the script tries to run…

Group Policy

To get more control over how the client is used grab the updated Group Policy templates from the local installation folder %localappdata%\Microsoft\OneDrive\BuildNumber\adm\


We force Files on Demand to be enabled as we don’t want sync cache eating up drive space on machines. We also configure our tenant ID (found via the Azure AD portal) so only Office 365 accounts can be used.

Configure these under Computer Settings > Administrative Templates > OneDrive

  • Allow syncing OneDrive accounts for only specific organizations > Enabled (using Tenant ID)
  • Enable OneDrive Files On-Demand > Enabled
  • Silently configure OneDrive using the primary Windows account > Enabled

I need to check if our third-party identity provider supports ADAL to make sure that last GPO setting works correctly. In the future we may well move to Azure AD Connect Passthrough authentication instead.

Clearing local cache (Free up space)

One important thing to remember about using Files on Demand is that when a file is either downloaded from the cloud, or freshly uploaded to it a cached copy will be kept on the local machine.

Over time (or with a large upload) this cache could grow and cause similar issues to what we were trying to avoid, especially with a shared machine and large volumes of users (pretty much the case for all our classroom machines)

At present it seems that no policies exist to force the “Free up space” option that removes the cached copies of files. However the article below suggests that using the new file attributes that have been brought in with 1709 can automate the process.

“Attrib.exe enables 2 core scenarios.  “attrib -U +P /s”, makes a set of files or folders always available and “attrib +U -P /s”, makes a set of files or folders online only.”

We tried a script that runs on the root OneDrive folder and sure enough it resets all files back to Online only and reduces the space used down to a megabyte or so 🙂

cd "%userprofile%\Onedrive - Name of your Organisation"
attrib +U -P /s

Running this script on Logoff should in theory keep the cache files down to the bare minimum.

Disclaimer: we only just figured this one out today so again caveat emptor if you go and run this in production without testing it first!!!


Field notes: OST cache, shared mailboxes and SSD drives

As we’ve been running all our staff and students on Office 365 for the best part of a year now we’ve found a few tweaks that may be of interest to a wider audience. Here’s one of them from experiences earlier in the week…


hdd-154463_1280Like many of you out there all our recent machines have been specced with SSD drives as the performance difference is incredible (can you imagine going back to HDD now?!) but the downside being that the size of drive isn’t as large.

This has become less of an issue on newer builds as 120GB drives have dropped right down in price now but for the first-gen machines with 60GB drives we have hit some space issues, mainly due to…

Shared mailbox caching behaviour

In a previous post I’ve mentioned the hybrid cache in Outlook 2013 that makes working with large mailboxes much easier; however what’s hidden away in the small print is that the hybrid cache doesn’t apply to shared mailboxes or other peoples’ mailboxes that you have access to.

That has some knock-on effects that aren’t immediately apparent but have began to manifest themselves recently in a couple of ways:

Low disk space

We’ve had a few calls coming in recently with machines running out of disk space, an issue we’d pretty much consigned to the history books after being spoiled with 160GB+ drives being more than spacious for most generic desktops.

Upon running the old but incredibly useful WinDirStat tool we could see where the space had gone… OST files! The worst case thus far was 35GB in a single file but other machines have had numerous ~7GB files (multiply that by a factor of 3-4 on a machine used by multiple staff and you can soon see where the space goes)

Calendar entries not syncing

Another recent call involved staff responsible for managing other users’ calendars not seeing updates when new entries were added or moved, yet when viewing on another machine or via OWA there was no such problem. What seems to happen is as the OST grows it corrupts and eventually the sync behaviour becomes a bit erratic.

Emails stuck in Outbox

Similar to the calendar scenario above some users have had random emails getting stuck in their Outbox and refusing to send. This particular issue has occurred on smaller OSTs as well as the huge ones above so it seems to be a corruption issue that can pop up from time to time.

Resolution steps

The quickest way to fix a corrupted cache is just to delete it. If, however you don’t want to do that for some reason (slow connection, user doesn’t want to wait for cache to reload or has unsynchronised items) you can run the scanpst tool that’s included within Office. It’s not something you’ll find in the Start Menu so run it manually from:

C:\Program Files (x86)\Microsoft Office\Office15\scanpst.exe


In the scenario above where emails were getting stuck in the Outbox scanpst resolved the issue without needing to delete and repopulate the cache so it’s worth a shot as a quick fix

Disable caching for additional mailboxes

Some of our users need to have 10+ additional mailboxes open, others have shared mailboxes with many attachments and have tended to be the ones hit hardest by the caching and disk space issues. If money was no object we could just get them all 250GB+ SSDs but seeing as that’s not the case we need plan b)


The solution is to enable an Office 2013 GPO setting under User Configuration > Administrative Templates:

Outlook 2013 > Outlook Options > Delegates > Disable shared mail folder caching

Once this applies you’ll notice a change in the status bar along the bottom of Outlook, non-cached mailboxes will show up as “Online” (confirmed at the end of the KB article above)

status bar

The slight downside is a bit of lag when first opening the folders. For a secondary mailbox that isn’t used as regularly it’s an acceptable compromise, given the issues that users were experiencing with the oversized caches so we’ve rolled it out across the board.

The only thing we’ll have to wait and see is whether the large OSTs reduce in size or if they need deleting to remove the cache that was previously stored for the shared mailboxes.