SharePoint Online – OneDrive cmdlets

SharePoint Online – OneDrive cmdlets
2 votes, 5.00 avg. rating (96% score)


Windows PowerShell cmdlets that let you enable the OneDrive for Business sync client from only the domains present in the safe recipients list.

So this now gives administrators the ability to decide what domains sync clients originating from are allowed. This is a great step for Micosoft and OneDrive for Business (OD4B) in regards to security. I have worked with multiple clients recently and usually the longest conversations revolve around security. I hope that these new cmdlets are just the beginning of exciting new features that will be launched this year.

Here is the primary technet article:

And here are the 3 new cmdlets:

  1. Set-SPOTenantSyncClientRestriction  ->  Enables the feature for the tenancy and lets you to set the domain GUIDs in the safe recipients list.
  2. Get-SPOTenantSyncClientRestriction  ->  Returns the current configuration status.
  3. Remove-SPOTenantSyncClientRestriction  ->  Disables the feature for the tenancy.

The articles on technet still appear to be drafts or works in progress but I wanted to see if these cmdlets were available yet so I connected to our Concurrency tenant and tested it out.

2015-03-09 10_19_05-Administrator_ SharePoint Online Management Shell

Success!  Our tenant was of course set up for this to be False (for now).

2015-03-09 10_21_34-Administrator_ SharePoint Online Management Shell

Not much there for the help yet but it is coming.

The most detailed description available so far is for the Set-SPOTenantSyncClientRestriction cmdlet. Here are the highlights pulled directly from technet:

  • You must be a SharePoint Online global administrator to run
  • The feature can take up to 24 hours to take effect but any changes to the safe recipients list are reflected within 5 minutes

When activating the feature the following will occur:

  • All OneDrive for Business Sync client requests originating from a domain that is not on the safe recipients list will be blocked.
  • All OneDrive for Business Mac Sync client requests will be blocked.
  • Any files that have been previously been synced down to the your computer will not be deleted.
  • OneDrive for Business sync client prior to version 15.0.4693.1000 will stop syncing existing libraries.

To determine the version of your Sync client, see How to determine the version of OneDrive for Business Sync client.

As a precaution, I did not enable this feature in any of my production environments as I will be waiting for a more formal announcement from Microsoft or some more detailed information from technet.

I really like the post from Drew Madelung and want to have a cross post on my blog rather than just bookmark :)

All credits to Author:

Drew Madelung

Cross post from

March 12, 2015 В· Adi В· No Comments
Tags: , , , ,  В· Posted in: OneDrive, Powershell, SharePoint 2013, SharePoint Online

Leave a Reply

What is 11 + 11 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)