Converting Local Account to Azure AD account - mattnovitsch/M365 GitHub Wiki

Summary

I was recently asked: can we move our remote users from local accounts to Azure AD accounts and keep their profiles? The answer is that it depends on the applications the user is using. If the user is an office user who just uses Office products, then this can be done really easily. I'll walk you through the example of migrating a user who just uses Office and other minor applications that don't require custom configurations to an Azure AD account via OneDrive.

Prerequisite

  • OneDrive Licenses
  • Intune Licenses, with Intune deployed to the machine
  • Machine already in Hybrid or Azure AD Joined state.

Admin Steps

  1. Navigate to Microsoft Endpoint Manager
  2. Navigate to Devices > Windows > Configuration Profiles, then click Create Profile
  3. Select the following then click Create:
     • Platform: Windows 10 and later
     • Profile Type: Templates
     • Template Name: Administrative Templates
  4. Name the profile something meaningful to your organization or project. I'm just calling it OneDrive for Business Profile. Click Next once you have named it.
  5. On the configuration settings section, scroll down to OneDrive. There are a lot of options here that your organization needs to define. Select what you need per your requirements. The ones I have selected are pretty typical from what I have seen working with customers.
  6. On the scope tags, make sure to assign this appropriately to the devices you have tagged (really important for RBAC).
  7. Select the group of devices you are applying this setting to. I would strongly recommend a test group first. The great thing about this setting is that once it's tested and validated, you can apply it to all devices that use OneDrive. I have it deployed to all devices in my lab, but everyone needs to evaluate what their organization's needs are.
  8. Review then click Create to deploy your profile.

User Steps

  1. User will be prompted to sign into OneDrive with their Azure AD credentials.
  2. Have them click Next on the folder location
  3. Enter the password to log in
  4. Click Next on the informational window
  5. Click Next on the additional informational window
  6. Click Next on the final informational window
  7. Click Later on the mobile app screen
  8. Close the window that confirms the setup
  9. The hardest part of this is waiting for all of their data to copy over to OneDrive. Since we are doing known folders only, it will only do whatever they have in Documents, Pictures, and Desktop. The timing on this will vary depending on how much data the users have and how much bandwidth they have. Let's just say we waited a week to be safe. Everything is backed up now.
  10. User logs in with their Azure AD credentials, and OneDrive begins to download the data from OneDrive to their Azure AD profile on that workstation, and you are complete.
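
Before having the user switch logins in step 10, the join-state prerequisite and the known-folder move from step 9 can be checked from the local user's session. The script below is an added example, not part of the original wiki; it assumes the sync client has set the `OneDriveCommercial` environment variable for the signed-in work account, and it only confirms that the three folders now live under the OneDrive folder, not that the upload has finished.

```powershell
# Added example (not from the original page): readiness check before cutover.
# Run as the local user whose profile is being migrated.

# 1. Prerequisite: device is Hybrid or Azure AD joined.
#    dsregcmd /status prints "Key : Value" lines; collect them into a hashtable.
$dsreg = @{}
dsregcmd.exe /status | ForEach-Object {
    if ($_ -match '^\s*(\w+)\s*:\s*(.+?)\s*$') { $dsreg[$Matches[1]] = $Matches[2] }
}
$aadJoined    = $dsreg['AzureAdJoined'] -eq 'YES'
$domainJoined = $dsreg['DomainJoined']  -eq 'YES'
if     ($aadJoined -and $domainJoined) { $joinState = 'Hybrid Azure AD joined' }
elseif ($aadJoined)                    { $joinState = 'Azure AD joined' }
else                                   { $joinState = 'Not joined' }

# 2. Known folders (Desktop, Documents, Pictures) should resolve to a path
#    inside the OneDrive for Business folder once the move has been applied.
#    Assumption: OneDriveCommercial is set by the sync client for the work account.
$oneDrive = $env:OneDriveCommercial
$folders = [ordered]@{
    Desktop   = [Environment]::GetFolderPath('DesktopDirectory')
    Documents = [Environment]::GetFolderPath('MyDocuments')
    Pictures  = [Environment]::GetFolderPath('MyPictures')
}
$report = foreach ($name in $folders.Keys) {
    $path = $folders[$name]
    $inside = $false
    if ($oneDrive -and $path) {
        $root   = $oneDrive.TrimEnd('\') + '\'
        $inside = $path.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)
    }
    [pscustomobject]@{ Folder = $name; Path = $path; InOneDrive = $inside }
}

# 3. Summary: every folder must be redirected and the device must be joined.
$notMoved = @($report | Where-Object { -not $_.InOneDrive })
$ready    = ($joinState -ne 'Not joined') -and ($notMoved.Count -eq 0)

"Join state      : $joinState"
"OneDrive folder : $oneDrive"
$report | Format-Table -AutoSize
"Known folders redirected and device joined: $ready"
```

A `True` result still needs to be paired with a check that the OneDrive client reports the files as fully synced before the local profile is retired.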