Configuring OneDrive DisablePersonalSync & DisableNewAccountDetection with Intune

Microsoft introduced a new feature to OneDrive for enterprise customers, to prompt users to sync their personal OneDrive to their corporate device, should they have used a personal Microsoft account on said device. Users that, for example, use a personal Edge profile to separate their browsing, will now get prompted to sync their personal OneDrive with this new feature.

The feature has been announced in MC626577 (alternative link: Petri IT: MC626577) and with it introduced new settings to configure the feature. Ever since, I've been regularly scrolling through the Settings catalog in Intune to find these new settings. Microsoft documented the settings to prevent users from syncing their personal OneDrive (DisablePersonalSync) or to hide the new toast notification (DisableNewAccountDetection), however only as classic group policies. This morning when I started my machine (running OneDrive Insider Preview) I received the following dreaded toast notification:

Again I scanned the Intune Settings catalog to no avail.

In the following, I will describe a way to configure the settings to mute these toast notifications or outright prevent users from syncing their personal OneDrive using the ADMX Import feature in Intune. Learn more about the feature here:

Import custom and third party partner ADMX templates in Microsoft Intune

You can add, upload, or import custom and third party partner ADMX and ADML files in Microsoft Intune. When they’re imported, create a device configuration profile and assign the profile to your Windows 10/11 devices.

Microsoft LearnMandiOhlinger

Getting the policy files

First, I located OneDrive.admx at %LocalAppData%\Microsoft\OneDrive\%BuildNumber%\adm\ on my machine. All new settings, regarding this new OneDrive feature, are included in OneDrive version 23.063 and above. After opening the OneDrive.admx in Code to check for dependencies, I also located Windows.admx, found in C:\Windows\PolicyDefinitions.

Importing into Intune

After locating the policy files, I imported them in the Intune Portal:
Intune > Devices > Windows > Configuration profile > Import ADMX > ➕ Import

First I uploaded the Windows.admx, and associated Windows.adml file. Then I imported OneDrive.admx and OneDrive.adml. The order of import is important because of the dependency.

Creating the configuration profile

After the import, I created a new configuration profile:
Intune > Devices > Windows > Configuration profile > Profile >➕ Create profile

Platform: Windows 10 and later
Profile type: Templates
Template name: Imported Administrative templates (Preview)

To mute the toast notification but still allow users to sync their personal OneDrive, configure the setting Disable a toast and activity center message to encourage a user to sign in OneDrive using an existing credential that is made available to Microsoft applications to Enabled. (Device setting)

To completely prevent users from syncing their personal OneDrive, configure the setting Prevent users from syncing personal OneDrive accounts to Enabled. (User setting)

After creating the profile, assign it to a user or device group (depending on the setting you chose).

Let's hope Microsoft soon introduces these settings in the Intune native Settings catalog.