Cannot auth to Onedrive for Business

The full command you’re attempting to use.
rclone.exe ls my_remote:

A logfile of rclone’s output with personal information removed.
See https://pastebin.com/raw/vwLDkNdj

The rclone config you’re using.
[my_remote]
type = webdav
url = https://gzs-my.sharepoint.com/personal/gdufs20161704766_5tb_eu/Documents
vendor = sharepoint
user = imhereforthefiles@cock.li
pass = REDACTED

What version of rclone you’re using.
rclone v1.48.0

  • os/arch: windows/amd64
  • go version: go1.12.3

I'm trying to connect to Onedrive for Business sharepoint directory, my friend gave me read access to it.
Using a browser I am able to open it, list contents and download files, but I am interested in a sane way of working with it (mount, ls, cp, etc - thus rclone).
When I try to setup rclone to use onedrive with rclone interactive dialogs to create new remote it only finds a personal drive.
Then I've tried following rclone(dot)org/webdav/#sharepoint and got the errors above.
What do I need to add to the config to make it work?

Did you try using the onedrive backend? That supports sharepoint too.

I did, it could not find the share I need:

When I try to setup rclone to use onedrive with rclone interactive dialogs to create new remote it only finds a personal drive.

I can PM you my user/pass if you'd like to look at how it all behaves yourself.

I'm not a onedrive/sharepoint expert, but maybe @Cnly can help?

Can you paste the result when you did an rclone config with the onedrive backend?

One thing to watch out for is making sure you oauth with the right user? It might be best to open the oauth dialog in an incognito browser (you'll see the URL if you go back to the terminal with rclone in). I've made that mistake quite a few times!

Can you paste the result when you did an rclone config with the onedrive backend?

Sure, here it is: https://pastebin.com/raw/Q0TB1sLr

One thing to watch out for is making sure you oauth with the right user?

I have only one user (this one I'm trying to auth with), so that shouldn't be the problem.

Can you try the other options here?

Choose a number from below, or type in an existing value
 1 / OneDrive Personal or Business
   \ "onedrive"
 2 / Root Sharepoint site
   \ "sharepoint"
 3 / Type in driveID
   \ "driveid"
 4 / Type in SiteID
   \ "siteid"
 5 / Search a Sharepoint site
   \ "search"
Your choice> onedrive

Option 2: pastebin(dot)com/raw/cpbunxAa
Option 3: pastebin(dot)com/raw/tEdN1cxf
Option 4: pastebin(dot)com/raw/BTDSDxKd
Option 5: pastebin(dot)com/raw/nczxvd1W
I also tried option 1 without advanced options, just in case, and got the same result (only a personal drive, no business share):
pastebin(dot)com/raw/DqKCaMrb

"Sorry, you cannot post a link to that host" error message on posting forced me to put (dots) in hostnames.

Not 100% sure, but I think you may need to manually query for the driveID to use, using Microsoft's Graph Explorer.

Go to https://developer.microsoft.com/en-us/graph/graph-explorer, and sign into your account. Put https://graph.microsoft.com/v1.0/me/drives in the query address bar, then click Run Query. Can you find the drive you need in the output? If so, please try supplying its id to OneDrive.

If the above doesn't work, you may also change the query to https://graph.microsoft.com/v1.0/users/imhereforthefiles@cock.li/drives (where imhereforthefiles@cock.li will be the user sharing their drive with you) and try again.

PS: The EOF looks like temporary errors on Microsoft's side. I often see them when uploading files.

Please feel free to ask if there's any problem :slight_smile:

Graph explorer shows JSON with only my (empty) personal drive using "https://graph.microsoft.com/v1.0/me/drives" request.
Querying it with "https://graph.microsoft.com/v1.0/users/whatever/drives" also shows just my personal drive, regardless of the value of "whatever".
I'm still able to login into the site shared with me and view/download files via web-interface.

If I had to guess, although I don't know how this works, my account might be lacking some sort of enumeration permission for that shared drive, so the API won't list it, but if I ask for it directly (by using web-interface) then it sees I have read permission and lets me in.

Can you get the ID from the web interface? Maybe it is in the URL or something helpful like that?

I'll provide some updates on this.

@gf-db has PM'ed me with credentials so I tried to dig something out from the web interface myself, but I didn't succeed. :frowning: It seems difficult when you're trying to access a Business drive shared with you, using a Personal account. I'll keep an eye on this use case and see if I find a way in the future.

1 Like

Maybe this will be of any help: there is another project I've tried to use to work with this share, and that's davfs2. I followed this blog post, extracted cookies from the browser, fed them into davfs2 config and then it successfully connected. Unfortunately it seems like microsoft violates its own spec and fails to properly encode xml entities, so file/dir entries containing anything other than ascii alphanumerics in their names are ignored by davfs2 (which, in my case, is 100% of the content).

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.