Microsoft Office 365 rclone app

What is the problem you are having with rclone?

New rclone app just appeared in Microsoft Office 365 portal and no idea how to enable, configure, or use.

Run the command 'rclone version' and share the full output of the command.

rclone v1.58.1

  • os/version: Microsoft Windows 10 Pro 21H2 (64 bit)
  • os/kernel: 10.0.19044.1826 (x86_64)
  • os/type: windows
  • os/arch: amd64
  • go/version: go1.17.9
  • go/linking: dynamic
  • go/tags: cmount
not applicable

Which cloud storage system are you using? (eg Google Drive)

Microsoft Azure Blob and Microsoft OneDrive

The command you were trying to run (eg rclone copy /tmp remote:tmp)

not applicable

The rclone config contents with secrets removed.

not applicable

A log from the command with the -vv flag

not applicable

Ask your admin that provided it.

Hello Animosity022,

Thanks for responding. I AM the admin. Have looked everwhere in the Admin console to find something about this new rclone app. nada.

Again, it just 'appeared' out of nowhere. If I can use it out of Azure and Office 365 with, say Power Automate Flows, That would be a good thing.

I have been happily using rclone with AWS, Azure, Google, IBM, and Oracle for years. This 'App' is new. At least to moi.

There's nothing that rclone can do to publish something your enterprise portal. It's an enterprise app that some other admin registered / made available.

Log into your Azure Console.
Find Enterprise Apps
Find the app in question
Check the audit logs and see who added it in your enterprise.

Ok. First stop Azure Enterprise Apps as instructed:

Next. Microsoft Office 365 Security & Privacy:

Again, I am the administrator for both and took no action, which I can recall, to invoke or install or deploy the rclone 'App' in either Azure or Microsoft Office 365.

I did recently create an rclone instance from OneDrive for Business to local storage. I can ONLY 'speculate' that rclone created the App to support authentication and it now appears in my Apps.

There are only two (2) occurrences on the web (using google search) for rclone+rayGina and they are both for OneDrive for Business authentication and they are both github issues:

So can I conclude that everything is in order and that App is supposed to be there?

The reason I ask is because I will, in turn, need to explain it to others.

Oh, and nothing in logs because they only go back 7 days.

I don't know much about onedrive but I do know that creating an app is quite common after you've done an inital oauth. It then allows you to disconnect rclone from the account so maybe that is it?

Hello Nick,

So good to hear from you Sir.

The question is around 'genesis'; as in 'where did it come from?'. I have deliberately created Apps for other services such as EHR; however, this just 'appeared'. I did NOT personally create it. Or if I; did then clearly I am losing my mind :wink:

I did take Animosity022's statement to heart:

"There's nothing that rclone can do to publish something your enterprise portal. It's an enterprise app that some other admin registered / made available."

Simply trying to establish whether this is normal behaviour for security peace of mind.

On the surface, I would not expect anything malicious and you have 3rd party APIs allowed so someone registered rclone and it'll show up.

There is an audit log for the enterprise app so you should be able to see who did it.

Whether you want people exfiltrating data via a 3rd party app, that's more a question for your enterprise as we don't allow any of that by default as we have all that locked down. Each enterprise/business is unique with what you want to allow or disallow.

In the Enterprise App properties, you can always turn it off from appearing in myapps as well.

It's the same with most apps that you register against as Google shows up under apps with 3rd party access:

If you do want 3rd party API access, I'd probably turn it off as a default and make a new enterprise application with the specific permissions you want on who can use it or not.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.