an infosec goon sometimes speaks

words what come from the mind of @hadricus (nathan manzi).

OneDrive Folder Redirection (KFM) for macOS

Posted on 03 February, 2020 / 1 min read

So you're running a macOS shop, and using Office 365 for identity, email, and data storage. You want to decrease risk of data loss, manage the security of corporate data, and provide staff the ability to share files in a controlled manner.

You also want to make it super easy for staff to adopt.

Microsoft OneDrive has a super great feature (for Windows) called Known Folder Move. This redirects the Desktop, Documents, and Pictures folders to your OneDrive folder.

The generous Brian McFarlane has graciously provided the community with a package which configures KFM for macOS workstations. The package depends on 'Outset', which is a script that "automatically processes packages, profiles, and scripts during the boot sequence, user logins, or on demand."

Configuration is simple, with a sample .mobileconfig profile for the KFM script, and one to set Privacy Policy Preferences for python. These can be deployed manually, or with an MDM such as Jamf Pro.

The KFM script is triggered on user logon to perform the following:

  1. Check if OneDrive is running, and the OneDrive folder exists (user is signed into OneDrive)
  2. Check if the 'Desktop' and/or 'Documents' folders in user home are a symlink, and if so, end the script
  3. If they aren't, then move 'Desktop' and 'Documents' into the OneDrive folder and create symlinks. If any conflicting files are found, they're placed in the user's 'Desktop' folder and the user is alerted.
  4. If configured, filenames in 'Desktop' are cleaned up (illegal chars, leading/trailing spaces, etc…)

This is great, and works amazingly well. I found no scenarios where any data loss was encountered. YMMV though, so don't blame me if it sets fire to your cat.

I did have a problem with this though. After the 'Desktop' and 'Documents' folders were moved and linked, the Finder sidebar shortcuts stop working. I found the aptly named 'mysides' which is a small CLI tool to modify Finder sidebar entries.

With mysides installed, the KFM script can be told to fix this for us. You can find the changes here: GitHub Link

I have a fork and release for the updated KFM which requires both Outset and mysides to be installed as prerequisites. You can download the release .pkg here.

Hope this helps! -NM

© 2020 Nathan Manzi. built in react with gatsby.