You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

09: How do I overcome OneDrive block prompts when SecureRun is on?

Required executables must be configured to be able to run OneDrive along with SecureRun.

Configure a PolicyPak Least Privilege Manager rule to “allow and log” the following executables. These can also be configured using the pre-configured advice for PPLPM. You can download those from the Customer Portal → Downloads → Production-Guidance link.

Once you have downloaded the Guidance you are looking for the PolicyPak Least Privilege Manager XMLs and then specifically the array of OneDrive files like what’s seen here.

  1. REQUIRED - OneDrive.EXE

Location: %localappdata%\Microsoft\OneDrive\

OneDrive Sync Client and responsible for application launch in Windows Explorer. It must be set to allow and log in the rule as shown below screenshot.

  1. REQUIRED - FileCoAuth.EXE

Location: %localappdata%\Microsoft\OneDrive\ [~version~] \

This executable needs to run once on the computer and prompts will go away.

  1. REQUIRED - OneDriveSetup.EXE

Location: %localappdata%\Microsoft\OneDrive\Update

OneDrive Setup Package file. Used for first-time installation and uninstallation of the program.

  1. OPTIONAL - FileSyncConfig.EXE

Location: %localappdata%\Microsoft\OneDrive\ [~version~] \

This file doesn’t appear during OneDrive installation anymore. Configure the Allow and Log policy as shown below when you got a SecureRun block message.

  1. OPTIONAL: OneDriveStandaloneUpdater.EXE

Location: %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

This will keep OneDrive updated using a Task entry in Windows Task Scheduler. Create this allow and log rule when you want to keep it automated.

OneDrive Command-line Arguments:

In some cases when OneDrive updates are pushed or for any other scenario, CMD command-lines are triggered for OneDrive application. Give a try to our pre-configured guidance named “Microsoft OneDrive Allow Rules needed for SecureRun.XML”.

We’ve combined known command-line args in that XML guidance, as shown in below screenshot.

But if you’re receiving a different command-line prompt then check the following KB for more help:

https://kb.policypak.com/kb/article/1096-how-are-wildcards-supported-when-used-with-path-and-command-line-arguments-in-least-privilege-manager/

  • 1100
  • 18-Mar-2021
  • 1066 Views