OneDrive not synchronizing encrypted files

Hi,

I have on my OneDrive folder some symbolic links to other folders, nothing special. My problem is with two links that points to folders encrypted with Safeguard location based encryption: one that points to a local folder, and one that points to a network location. None of the files inside this links are being synchronized by OneDrive, only the folder structure. 

All the other folders and links inside my OneDrive sync normally.

 

My SafeGuard version: 8.00.6.2

 

I've already tried all the bellow without luck:

- Adding the path to the OneDrive link to the location based encryption policy (<User Profile>\OneDrive\FOLDER)

- Adding Cloud Storage Definition, following this KB: https://community.sophos.com/kb/en-us/125710

- Adding OneDrive as an Ignored Application on my General Setttings policy

 

Removing the encryption allows the files to sync normally.

 

Thanks!

  • Hi  

    Would you please provide the screenshot of your One drive folder where symbolic links are stored? If possible the screenshot of the policy of CSD which you have applied on the machine and also RSOP of the safeguard policy assigned to the machine.

  • In reply to Jasmin:

    Hi Jasmin,

    The first and last links are the ones encrypted with safeguard

     

    I made a CSD just like the KB on my original post. Because, to my understanding, the CSD is just needed to encrypt files that are not encrypted, I removed the CSD and the policy from my configuration.

     

    Both links point to these two locations, one local and one on the network

     

    Thanks!

  • In reply to rfrancois:

    Hi  

    Would you please also enter the onedrive.exe into the trusted application as well? After that try with CSD and without CSD to synchronize those file.

    Would you please share the screenshot of the file encryption policy as well? I just want to confirm that you haven't enabled the One drive On-demand feature.

    If that is enabled, then there is a compatibility issue with Safeguard which is already mentioned in this article

  • Hi -I've had exactly this issue and caused a lot of problems!

    The solution I came up with was removing the file encryption options - as we didn't use it. That WILL resolve the issue but not ideal if you use file encryption AND it requires modifying the clients too.

    I did NOT have an active FE policy - yet the FE "default" policy was fouling with everything.

    However - I did this as a rolling programme so in the interim I set these exclusions into the current policy...

     

    Note the HIDDEN CACHE OneDrive folder - Didn't spot this at first but issue continued until I added this additional exclusion...

     

  • In reply to Jasmin:

    Hi Jasmin,

    I added it to trusted and tried with and without the CSD, but no luck.

     

    I was already aware about the problem with the On-demand feature and a while back disabled it via GPO

    That completely removes the option from the OneDrive client

    My file encryption policy:

     

    Thanks!

  • In reply to MichaelMcLannahan:

    Hi Michael, 

    Thanks for your reply!

    I already had a policy ignoring everything on the C drive, including subfolders, so I think all that includes all the folders in your printscreen.

    Even so, i tried adding then explicitly, but it didnt work.

    Thanks!

  • In reply to rfrancois:

    Do you use File Encryption Francois?

     

  • In reply to rfrancois:

    Hi  

    Would you please try to test on a system by upgrading to 8.10 version or newer and install file encryption engine build 31? Just to confirm, if the minifilter driver changes the behavior. 

  • In reply to MichaelMcLannahan:

    Hi Michael,

    Yes, I use it on the destination folder of those symbolic links

  • In reply to Shweta:

    Hi Shweta,

    I upgraded my client to version 8.3. At first I thought that the upgrade worked because after the reboot OneDrive started uploading those encripted files. The problem this time is that the upload never completes and OneDrive randomly finds a sync problem saying that the file is "open in another process"

    Besides that my computer became very laggy after the upgrade, maybe because of OneDrive, so I reverted back to 8.0.6.2

    Thanks

  • In reply to rfrancois:

    I think worthwhile to remove file encryption on one of the clients to prove a point, I’m confident that it’s this at fault.

    You seem to be mixing exclude and ignore? Have to tried the combination of them both (all exclude or all ignore)

    I can’t tell from your screenshots but are you trying to encrypt the OneDrive folder but then telling it to ignore and exclude?

  • In reply to MichaelMcLannahan:

    Hi Michael,

    I think it must be it too, because my clients only have the file encryption module installed.

    The ignore on C:\ I added trying to fix this issue. 

    I'm using Safeguard only to allow clients to access the files on a DFS. All files in this DFS are encrypted using Safeguard, but most files on the computer are not encrypted.

    On my OneDrive I have multiple symbolic links, and some of those links point to folders encrypted using Safeguard (local and remote folders)

    Thanks!

  • In reply to rfrancois:

    Hi  

    I would suggest you perform the steps suggested by Michael and if you still face the issue, it might require in-depth investigation, so would request you to either open a support case or PM me the licence details so that I can open a support case for you.