Sharepoint remote for MS Office Education account with guest permissions

What is the problem you are having with rclone?

I am trying to set up a remote connection for a sharepoint site that my Office 365 Education account (university email as login) is granted guest permissions on. I have verified that I can login to the sharepoint site via a web browser and the MS Teams app for MacOS.

Run the command 'rclone version' and share the full output of the command.

rclone v1.58.1-DEV
- os/version: centos 7.9.2009 (64 bit)
- os/kernel: 3.10.0-1160.31.1.el7.x86_64 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.17.6
- go/linking: static
- go/tags: none

Which cloud storage system are you using? (eg Google Drive)

OneDrive / sharepoint

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone config to set up the remotes, rclone lsd <remote>: to test.

The rclone config contents with secrets removed.

Below are the configurations that I managed to set up via rclone config that I thought might work, but didn't.

Config 1:
[abc-webdav]
type = webdav
url = https://abc.sharepoint.com/teams/160925138/
vendor = sharepoint
user = user@uni.edu
pass = REMOVED
Config 2:
[abc-webdav-ntlm]
type = webdav
url = https://abc.sharepoint.com/teams/160925138/
vendor = sharepoint-ntlm
user = xyz\user
pass = REMOVED

Note, "xyz" above is the domain, and was taken from guidance in the docs, as the "[YOUR-DOMAIN]" substring:

To use a sharepoint remote with rclone, add it like this: First, you need to get your remote's URL:

Go here to open your OneDrive or to sign in
Now take a look at your address bar, the URL should look like this: https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/_layouts/15/onedrive.aspx

When tried with my login email address domain, e.g. "uni.edu" instead of "xyz", I get the same results (provided below).

A log from the command with the -vv flag

Results of rclone lsd abc-webdav: -vv:

2022/05/04 09:39:44 DEBUG : rclone: Version "v1.58.1-DEV" starting with parameters ["rclone" "lsd" "abc-webdav:" "-vv"]
2022/05/04 09:39:44 DEBUG : Creating backend with remote "abc-webdav:"
2022/05/04 09:39:44 DEBUG : Using config file from "/home/user/.config/rclone/rclone.conf"
2022/05/04 09:39:44 DEBUG : found headers: 
2022/05/04 09:39:45 ERROR : : error listing: couldn't list files: 401 Unauthorized
2022/05/04 09:39:45 DEBUG : 7 go routines active
2022/05/04 09:39:45 Failed to lsd with 2 errors: last error was: couldn't list files: 401 Unauthorized

Results of rclone lsd abc-webdav-ntlm: -vv:

2022/05/04 09:39:55 DEBUG : rclone: Version "v1.58.1-DEV" starting with parameters ["rclone" "lsd" "abc-webdav-ntlm:" "-vv"]
2022/05/04 09:39:55 DEBUG : Creating backend with remote "abc-webdav-ntlm:"
2022/05/04 09:39:55 DEBUG : Using config file from "/home/user/.config/rclone/rclone.conf"
2022/05/04 09:39:55 DEBUG : found headers: 
2022/05/04 09:39:55 ERROR : : error listing: couldn't list files: 401 Unauthorized
2022/05/04 09:39:55 DEBUG : 4 go routines active
2022/05/04 09:39:55 Failed to lsd with 2 errors: last error was: couldn't list files: 401 Unauthorized

Other thoughts

I believe this is a similar case to this question, but the final config that ended up working for that user, which mirrors my "Config 1" above, (obviously) does not work for me:

type = webdav
url = https://ABC.sharepoint.com/sites/XYZ/Shared Documents
vendor = sharepoint
user = USER@DEF.edu
pass = REMOVED

Also, I did try to configure this as a OneDrive remote initially,

Storage> onedrive  
...  
client_id>  
...  
client_secret>   
...  
region> 1
...
Edit advanced config?
y/n> n
Already have a token - refresh?
y/n> n
...
config_type> 3
...
config_site_url> https://abc.sharepoint.com/teams/160925138/

And then I get the following error after supplying that url:

2022/05/04 10:05:34 DEBUG : abc-sharepoint: config in: state="url_end", result="https://abc.sharepoint.com/teams/160925138"
2022/05/04 10:05:34 DEBUG : abc-sharepoint: config out: out=&{State:choose_type Option:<nil> OAuth:<nil> Error:Failed to query available site by relative path: HTTP error 400 (400 Bad Request) returned body: "{\"error\":{\"code\":\"BadRequest\",\"message\":\"Resource not found for the segment 'abc.sharepoint.com'.\",\"innerError\":{\"date\":\"2022-05-04T18:05:34\",\"request-id\":\"0e8fc20d-73cc-471e-b749-3a3e89e35086\",\"client-request-id\":\"0e8fc20d-73cc-471e-b749-3a3e89e35086\"}}}" Result:}, err=<nil>
Failed to query available site by relative path: HTTP error 400 (400 Bad Request) returned body: "{\"error\":{\"code\":\"BadRequest\",\"message\":\"Resource not found for the segment 'abc.sharepoint.com'.\",\"innerError\":{\"date\":\"2022-05-04T18:05:34\",\"request-id\":\"0e8fc20d-73cc-471e-b749-3a3e89e35086\",\"client-request-id\":\"0e8fc20d-73cc-471e-b749-3a3e89e35086\"}}}"
2022/05/04 10:05:34 DEBUG : abc-sharepoint: config in: state="choose_type", result=""
2022/05/04 10:05:34 DEBUG : abc-sharepoint: config out: out=&{State:choose_type_done Option:onedrive OAuth:<nil> Error: Result:}, err=<nil>
2022/05/04 10:05:34 DEBUG : abc-sharepoint: config: reading config parameter "config_type"

Also, and maybe this is the main thing, but I have 2FA on my university account!

I think that's all, let me know what other details I can provide! Thank you for this tool it has been great for my other use cases so far.

hello and welcome to the forum,

that version of rclone is some custom compiled version.
the only way to get the offical version is https://rclone.org/downloads/#script-download-and-install

Thank you, yes I know this is not the official version of rclone, just what installs with conda install rclone. I know it is not ideal but it's what I have to work with on this system currently.

I've just tried the two webdav configurations I listed above, with the official version of rclone on a separate system, and received similar "401 Unauthorized" errors. Do you have any thoughts on those configurations? Any ideas on what to try?

no, often edu accounts are different from normal accounts.
this works for my normal account.

[sdav]
type = webdav
url = https://domain.sharepoint.com
vendor = sharepoint
user = username@domain.net
pass = 

webdav is a common protocol, have you tried any other clients.
windows has native webdv support, does macos?

Have you had any experience where your target url has a different domain from your user domain, e.g. where your account was given guest permissions on another domain? I am wondering if that is part of my issue. E.g. have you done anything like this:

[sdav]
type = webdav
url = https://abc-domain.sharepoint.com
vendor = sharepoint
user = username@xyz-domain.net
pass = 

Also, I just updated my question, but I just remembered that I have 2FA on my uni account, so maybe that is a deal-breaker.

I have been trying with curl but getting similar errors.

i have 2fa on that account and webdav works fine.

Do you see anything off with the steps I took above to set up as a onedrive remote instead of webdav? I'm curious why that would not work in the first place. I.e., after I successfully generated the token by logging in to authorize rclone for access, why should it fail to find that sharepoint site url if I have guest access?