OneDrive for Business Known Folder Move fails before setup completes for remote staff: Fix Guide

Remote employees often see Known Folder Move fail before the OneDrive setup finishes. The error appears during the initial sync configuration, preventing desktop, documents, and pictures from redirecting to OneDrive. This failure typically occurs because the remote machine lacks a direct connection to the corporate network or because Group Policy settings block the redirect for non-domain-joined devices. This guide explains the root cause and provides step-by-step fixes to complete Known Folder Move for remote staff.

Why Known Folder Move Fails for Remote Staff

Known Folder Move relies on several conditions that are often missing on remote machines. The primary cause is the lack of a domain-joined status. When OneDrive detects that the computer is not joined to the corporate Active Directory domain, it blocks the silent redirect of known folders. This is a deliberate security measure to prevent unauthorized folder redirection on unmanaged devices.

A second common cause is network latency or throttling during the initial sync. Remote staff often use VPN connections that introduce high latency. OneDrive’s sync engine may time out while scanning the local folders, causing the setup wizard to fail before Known Folder Move completes. Additionally, if the user’s OneDrive account has not been assigned a license with SharePoint Online, the feature will not activate.

Group Policy settings can also block Known Folder Move for remote users. The policy “Prevent users from redirecting their Windows known folders to OneDrive” overrides user intent. Even when the policy is set to allow Known Folder Move, the “Silently move Windows known folders to OneDrive” policy may require a domain-joined machine to apply. Remote computers that are Azure AD-joined but not hybrid-joined may still fail if the policy references on-premises security groups.

Finally, the Web Account Manager component may not function correctly on remote machines. OneDrive uses WAM to authenticate the user during Known Folder Move. If the remote device uses a local account instead of a Microsoft 365 account, WAM fails and the setup stops.

Steps to Fix Known Folder Move for Remote Staff

The following steps are ordered from least invasive to most invasive. Start with Step 1 and only proceed if the issue persists.

1. Verify OneDrive License and Tenant Connectivity
   Open a web browser and sign in to portal.office.com. Confirm that the user account has a Microsoft 365 license that includes OneDrive. Check that the user can access onedrive.com and see their files. If the page does not load, the network firewall may be blocking the required endpoints. Ensure the remote VPN allows traffic to sharepoint.com and onedrive.com.
2. Run the OneDrive Diagnostic Tool
   On the remote machine, open a Command Prompt as administrator and run "%localappdata%\Microsoft\OneDrive\OneDrive.exe" /diagnose. This generates a log file in the user’s Temp folder. Review the log for error codes related to KFM. Common codes include 0x8004de40 (network timeout) and 0x80070194 (file in use). Share the log with your IT help desk if needed.
3. Disable Web Account Manager Requirement for Non-Domain-Joined Devices
   Open Registry Editor. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive. If the OneDrive key does not exist, right-click the Microsoft folder, select New > Key, and name it “OneDrive”. Create a new DWORD value named KFMOptInWithWam. Set the value to 0. Close Registry Editor and restart OneDrive by right-clicking the OneDrive icon in the system tray and selecting “Close OneDrive”, then launching it again from the Start menu.
4. Manually Start Known Folder Move
   Click the OneDrive cloud icon in the notification area. Select Settings > Sync and backup > Manage backup. Click the “Start backup” button next to Desktop, Documents, or Pictures. If the button is grayed out, the folders are already redirected. If you see an error, note the error code and proceed to the next step.
5. Apply Group Policy Changes for Remote Staff
   On a domain controller or management workstation, open Group Policy Management Console. Edit the policy applied to remote users. Navigate to Computer Configuration > Administrative Templates > OneDrive. Enable the setting “Silently move Windows known folders to OneDrive”. In the options, set the “Tenant ID” to your Microsoft 365 tenant ID. Enable the setting “Allow users to choose whether to move their Windows known folders to OneDrive”. Ensure that the policy “Prevent users from redirecting their Windows known folders to OneDrive” is set to Not Configured or Disabled. On the remote machine, run gpupdate /force from an elevated Command Prompt, then restart OneDrive.
6. Perform a OneDrive Reset
   Press Windows Key + R, type %localappdata%\Microsoft\OneDrive\OneDrive.exe /reset, and press Enter. Wait for the reset to complete. Launch OneDrive again from the Start menu. Sign in and attempt Known Folder Move again. This clears cached credentials and resets the sync engine, which often resolves timeout-related failures.

If Known Folder Move Still Fails After the Main Fix

OneDrive Shows Error 0x8004de40 During Setup

Error 0x8004de40 indicates a network timeout. The remote machine cannot reach the OneDrive service within the expected time. Check the VPN connection speed. If the VPN is slow, ask the user to disconnect from the VPN and use a direct internet connection for the initial sync. Once Known Folder Move completes, they can reconnect the VPN for ongoing syncing.

OneDrive Shows “Your IT department has turned off sync” Error

This error occurs when the “Allow syncing OneDrive files” tenant setting is disabled. Sign in to the Microsoft 365 admin center. Go to Settings > Org Settings > OneDrive. Under “Sync”, ensure that “Allow syncing OneDrive files” is turned On. Also check that the “Allow syncing only on PCs joined to specific domains” option does not exclude the remote machine. If it is enabled, add the remote computer’s Azure AD device ID to the allowed list.

Known Folder Move Works but Files Do Not Sync

After a successful Known Folder Move, files may appear stuck. Open OneDrive settings > Sync and backup > Manage backup. Verify that all three folders show as “Backed up”. If one folder shows “Not backed up”, click the “Start backup” button again. If files still do not sync, check the file names for unsupported characters like " : < > ? |. Rename any offending files and the sync will resume.

Manual Known Folder Move vs Silent Known Folder Move: Key Differences

Item	Manual Known Folder Move	Silent Known Folder Move
User interaction required	User must click “Start backup” in OneDrive settings	No user action needed; runs automatically during setup
Domain-join requirement	Works on domain-joined, Azure AD-joined, and non-joined devices	Requires domain-joined or hybrid Azure AD-joined device
Group Policy dependency	None; user controls the action	Requires “Silently move Windows known folders to OneDrive” policy enabled
Best for remote staff	Yes; works when VPN is active and WAM is disabled	No; often fails on non-domain-joined remote machines
Error handling	User sees error and can retry	Error is logged silently; admin must check logs

Remote staff should use manual Known Folder Move for the most reliable outcome. Silent Known Folder Move is best reserved for corporate devices that are always domain-joined.

After completing the fix, remote staff can redirect their Desktop, Documents, and Pictures folders to OneDrive without further IT intervention. Verify the backup status by opening OneDrive settings and checking the Manage backup page. As a next step, configure the “Files On-Demand” setting to save disk space on the remote machine. An advanced tip: use the OneDrive Group Policy template to set the “Auto-upload” registry key to 2, which forces Known Folder Move to retry automatically if it fails on the first attempt.