We recently hit into an issue that, user has configure to store PST files (outlook files) into the user’s Onedrive (office 365) . Though we did not think of blocking the pst ,nsf files in onedrive sync configuration until it report to us.
Storing of PST into onedrive do create multiple versions and that eat all your space .We have instructed user to delete some files from onedrive but cannot access the OneDrive due to storage FULL.
The only option left is ,get SharePoint admin increase the onedrive quota (if you are eligible as there are different office 365 plans available) to higher ,exclude user from any retention period ,let user delete the files from onedrive .
I have given the steps below to fix the issue.
Accessing user OneDrive to remove files:
- Find the purposed user in Office 365 admin center (https://admin.microsoft.com/AdminPortal/Home#/users)
- Click on Access files under OneDrive Settings
- Find the URL of the user .If you unable to get the user URL ,you can access your onedrive URL and simply replace that with user email address or UPN.
- for ex: eswar.koneti@eskonr.com onedrive URL is https://koneti123-my.sharepoint.com/personal/eswar_koneti_eskonr_com/_layouts/15/onedrive.aspx ,replace the user email address here to get full URL.
Steps to increase OneDrive storage to 5TB (since we are having M365 with E5 ,we are eligible for 5TB) .Check what is your max limit of onedrive storage with your subscription.
1) Download SharePoint Online Management Shell
https://www.microsoft.com/en-us/download/details.aspx?id=35588
2) Run script below in SharePoint Online Management Shell
Connect-SPOService
3) Insert your SharePoint admin center URL
https://[domain].sharepoint.com
4) Run script below to increase the OneDrive storage to 5TB, you need to change the highlighted part to user login ID, or the best is to get the user OneDrive URL from their OneDrive:
Set-SPOSite -Identity https://[domain]-my.sharepoint.com/personal/eswar_koneti_eskonr_com -StorageQuota 5242880
- Remove site from retention policy
1) Make sure you have added the admin account into Security & Compliance center > Permissions > Organization Management > Edit role group
2) Run Windows PowerShell as admin
3) Insert script below to connect to EXO powershell
Set-ExecutionPolicy RemoteSigned
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
4) Insert script below to exclude site collection from Retention policy
Set-RetentionCompliancePolicy -Identity "Policy Name" -AddSharePointLocationException "Site URL"
E.g.
- Exclude user OneDrive from retention policy
- Run Windows PowerShell as admin
- Insert script below to connect to EXO powershell
Set-ExecutionPolicy RemoteSigned
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
- Insert script below to exclude user from Retention policy, you can add multiple values for Site URL
Set-RetentionCompliancePolicy -Identity "Policy Name" --AddOneDriveLocationException "Site URL"
Once the onedrive quota increased to higher number ,user can login to onedrive to remove the unnecessary data.
and finally ,dont forget to add user back to retention hold policy as per your governance policy.
How to block syncing of specific file types to Onedrive client app ?
Login to onedrive admin portal https://admin.onedrive.com/ using Global Admin or necessary permissions.
Click on Sync tab https://admin.onedrive.com/?v=SyncSettings
Choose block syncing of specific file types
add the file types without any dot or something.
exe
msi
mp3
mp4
avi
nsf
pst
There could be more files which you want to block but it varies from org to org.
When user try to upload to Onedrive client app with any of the above file types ,they will by notified about the file block and cannot be synced to cloud.
But ,user can go web browser ,access onedrive URL and upload above file types and it does sync back to your onedrive client app. After these files sync to onedrive app on your windows device ,if you make any changes ,they will sync to cloud again.
For ex, using web browser ,i can upload file with extension .AVI which is blocked in onedrive file sync .So after the upload ,these files will download to your onedrive client app on windows device.
Once the file downloaded ,if you rename the file ,the fill will be blocked immediately and will not sync back to cloud and is limitation currently.
Hope you find this post useful!
1 Comment
This looks great solution