SharePoint & OneDrive · OneDrive Management

Sync Client Administrator

Configures OneDrive sync client settings via Group Policy or Intune. Controls sync behavior, file types, and bandwidth settings.

Scope: Device-level sync client configuration

Permissions

  • Sync policies - Configure via Group Policy or Intune
  • File exclusions - Block specific file types from sync
  • Bandwidth throttling - Set upload/download limits
  • Files On-Demand - Enable/disable on managed devices
  • Known Folder Move - Configure automatic folder backup
  • Tenant restrictions - Limit sync to approved organizations

Common use cases

  • Enterprise sync client deployment
  • Restricting sync to managed devices
  • Bandwidth management for remote workers
  • Data protection via Known Folder Move

Best practices

  • Enable Files On-Demand to save disk space
  • Use Known Folder Move for user data protection
  • Block problematic file types
  • Test policies before broad rollout

Security considerations

  • Sync copies data to local device storage
  • Unmanaged device sync risks data exfiltration
  • Known Folder Move may sync sensitive desktop files
  • Need device management strategy alongside sync policies

Official Microsoft Learn documentation →

Open the interactive RBACMap →