Can't connect to onedrive via rclone

What is the problem you are having with rclone?

One of our partners shares sensitive documents with us using a OneDrive. The URL has the following format: https://ABC-my.sharepoint.com/personal/XYZ/_layouts/15/onedrive.aspx

where ABC is the domain and XYZ is the name of the ownerofdrive_nameofcompany_be.

I can see the content of the drive and download files using the browser. I log in using an account provided by them, myname@nameofcompany.be, with 2FA using my phone (SMS).

Using the onedrive remote and choosing the option for OneDrive Personal or Business, I get a forbidden error. Searching for the site doesn't work as it doesn't show up. If I try to put the site URL directly, I get a bad request error.

Looking at rclone docs I saw that webdav is also a viable option. Since the url matches what's mentioned in webdav docs for sharepoint online:

https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/_layouts/15/onedrive.aspx

However it's not my email address that shows up in the url but the owner of the onedrive drive with underscores as delimiters and no @ sign.

Connecting using webdav doesn't work as 2FA is enabled. I contacted the partner company, but they refuse to generate an app password as it defies their security guidelines.

Honestly, I'm stuck. I've tried everything I could, but I can't circumvent the app password.

Can someone suggest how to do this? Any other option I can try?

Run the command 'rclone version' and share the full output of the command.

$ rclone version
rclone v1.58.1

  • os/version: Microsoft Windows 10 Pro 21H2 (64 bit)
  • os/kernel: 10.0.19044.1766 (x86_64)
  • os/type: windows
  • os/arch: amd64
  • go/version: go1.17.9
  • go/linking: dynamic
  • go/tags: cmount

Yes

Which cloud storage system are you using? (eg Google Drive)

Onedrive/Sharepoint

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone lsd remote:

The rclone config contents with secrets removed.

[remote]
type = webdav
url = https://ABC-my.sharepoint.com/personal/XYZ/Documents
vendor = sharepoint
user = REDACTED
pass = REDACTED

A log from the command with the -vv flag

$ rclone lsd -vv remote:
2022/07/08 12:29:45 DEBUG : rclone: Version "v1.58.1" starting with parameters ["C:\\Windows\\rclone.exe" "lsd" "-vv" "remote:"]
2022/07/08 12:29:45 DEBUG : Creating backend with remote "remote:"
2022/07/08 12:29:45 DEBUG : Using config file from "C:\\Users\\H.AB\\AppData\\Roaming\\rclone\\rclone.conf"
2022/07/08 12:29:45 DEBUG : found headers:
2022/07/08 12:29:48 Failed to create file system for "remote:": wst:FailedAuthentication: Authentication Failure (AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access ''.)

Looks like you need MFA as noted in your log file so a user name / password only won't work. If possible an app password might be a workaround, but that isn't in it:

Make rclone work with OneDrive app password only, like other apps do · Issue #3585 · rclone/rclone (github.com)

Not sure as the admin setup MFA and made it required.

I cannot create an app password for the account they provided me, and they refuse to do it as it collides with their security guidelines. They provided me with a client ID and client secret, but that didn't change the fact that I can't find the site using the onedrive remote.

Made it work using SiteID and onedrive remote

How did you find the SiteId? I am having a similar issue and can't find it.

You can run a query to get it in Microsoft Graph:

Go to Graph Explorer | Try Microsoft Graph APIs - Microsoft Graph. Log in using your Microsoft account and run the query below:

GET https://graph.microsoft.com/v1.0/sites/ABC-my.sharepoint.com:/personal/XYZ
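
The lookup from the last reply, as an added example that is not part of the original thread: it derives the Graph query from the browser URL in the first post and extracts the site ID from the JSON response. The function names and the sample response (with placeholder GUIDs) are constructed for illustration; the request itself is still sent from Graph Explorer with your own signed-in account.

```python
import json
from urllib.parse import quote, urlsplit

GRAPH_SITES = "https://graph.microsoft.com/v1.0/sites"

# Constructed sample of a Graph "site" response; the GUIDs are placeholders.
SAMPLE_RESPONSE = json.dumps({
    "id": "abc-my.sharepoint.com,"
          "00000000-0000-0000-0000-000000000000,"
          "11111111-1111-1111-1111-111111111111",
    "webUrl": "https://abc-my.sharepoint.com/personal/XYZ",
})


def graph_site_query(browser_url):
    """Build the Graph site lookup URL from a OneDrive/SharePoint browser URL."""
    parts = urlsplit(browser_url)
    host = parts.hostname or ""  # urlsplit lowercases it; hostnames are case-insensitive
    if parts.scheme != "https" or not host.endswith(".sharepoint.com"):
        raise ValueError("not an https SharePoint Online URL")
    # Keep only the site path (/personal/<owner> or /sites/<name>); drop page or
    # library suffixes such as /_layouts/15/onedrive.aspx or /Documents.
    segments = [s for s in parts.path.split("/") if s]
    if len(segments) < 2 or segments[0].lower() not in ("personal", "sites"):
        raise ValueError("URL does not contain a /personal/ or /sites/ path")
    return "%s/%s:/%s" % (GRAPH_SITES, host, quote("/".join(segments[:2])))


def site_id_from_response(body):
    """Return the site ID from a Graph response body, or raise on an error body."""
    data = json.loads(body)
    if "error" in data:
        err = data["error"]
        raise RuntimeError("Graph error %s: %s" % (err.get("code"), err.get("message")))
    site_id = data["id"]
    # A site ID has three comma-separated parts: hostname, site collection ID, web ID.
    if len(site_id.split(",")) != 3:
        raise ValueError("unexpected site ID format: %r" % site_id)
    return site_id


if __name__ == "__main__":
    url = "https://ABC-my.sharepoint.com/personal/XYZ/_layouts/15/onedrive.aspx"
    print("GET", graph_site_query(url))
    print("site ID:", site_id_from_response(SAMPLE_RESPONSE))
```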