OneDrive for Business – Disable Windows permission inheritance when syncing read-only content

As you may know, when you are synching content using OneDrive for Business client on your Windows device, ‘local’ Windows permissions are inherited.

With this new configuration setting, you can now disable this inheritance for folder(s) with read-only access.

NOTE this ‘read-only’ setting will not change permission on SharePoint

It is not recommended to enable this settings on users which are not syncing read-only content.

Currently the ‘read-only sync’ policy can only be enabled by using a registry key – we may expect this will come soon though the Office 365 Client Configuration Service (https://config.office.com/)

HKLM\SOFTWARE\Policies\Microsoft\OneDrive

“PermitDisablePermissionInheritance”=”dword:00000001”

image_thumb

The value 1 means the policy is enabled and 0 it is disabled.

You need to have OneDrive for Business client version 19.192.0926.0012 or later.

This settings can help improving synchronization performance.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies