When IT administrators manage a fleet of Mac computers that also run Windows via Boot Camp, Parallels Desktop, or a virtual machine, a common complaint is that OneDrive for Business starts with the wrong Microsoft 365 account. Instead of the corporate account assigned to the device, OneDrive loads a personal account or an old test account. This problem usually occurs because OneDrive stores Windows credentials in the Windows Credential Manager, and those credentials do not automatically update when the Mac fleet management tool reassigns the device to a new user. This article explains why OneDrive picks the wrong account on startup and provides a reliable set of steps to force OneDrive to use the correct corporate account across your Mac fleet.
Key Takeaways: Fix OneDrive for Business Wrong Account on Windows Startup in Mac Fleets
- Windows Credential Manager > Windows Credentials > Generic Credentials: Remove all entries containing “OneDrive Cached Credential” to force OneDrive to prompt for a new account on next startup.
- Registry Editor > HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Business1: Delete this key to clear the cached business account association.
- Group Policy Object setting “Silently sign in to OneDrive sync app with Windows credentials”: Disable this policy to prevent OneDrive from reusing stale Windows credentials after a user change.
Why OneDrive Starts with the Wrong Account on Windows in a Mac Fleet
OneDrive for Business uses a combination of Windows Credential Manager entries and registry settings to determine which account to load at startup. When a Mac fleet management tool such as Jamf Pro or Microsoft Intune for macOS provisions a Windows partition or virtual machine, it typically deploys a base image that contains a preconfigured OneDrive instance. That base image stores the credentials of the original provisioning account. When the device is reassigned to a different user, OneDrive still finds the old credentials in the Credential Manager and the old tenant ID in the registry. Because OneDrive checks these local caches before prompting for new sign-in, it loads the wrong account without displaying any error.
The root cause is that the Windows Credential Manager does not automatically purge credentials when the Mac fleet management tool wipes the user profile or reimages the device. Even if the Windows user profile is deleted, the Credential Manager retains entries under the SYSTEM account or the previous user SID. OneDrive also writes account GUIDs and tenant IDs to the registry key HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Business1. If this key persists across user provisioning cycles, OneDrive will continue to sign in with the old account.
How the Mac Fleet Deployment Creates the Stale Account Problem
Mac fleet deployments that use Boot Camp or virtual machines often rely on a single Windows image that is duplicated across many devices. The image includes OneDrive preconfigured with a generic provisioning account. When the device boots for the first time under a new user, OneDrive reads the existing registry and credential entries from the image. The provisioning account credentials are still valid in the Credential Manager, so OneDrive silently signs in with that account. The new user sees OneDrive showing the wrong email address and syncing the wrong SharePoint libraries.
Steps to Force OneDrive to Use the Correct Account on Windows Startup
The following steps remove all cached credentials and registry data so that OneDrive prompts for a fresh sign-in on the next startup. Perform these steps on the Windows partition or virtual machine after the Mac fleet management tool has assigned the device to the correct user.
Step 1: Sign Out and Quit OneDrive Completely
- Open OneDrive settings
Right-click the OneDrive cloud icon in the Windows system tray and select Settings. If the icon is not visible, expand the hidden icons arrow next to the clock. - Unlink this PC
In the Account tab, click Unlink this PC. Confirm the prompt. This removes the OneDrive folder association but does not clear the Credential Manager entries. - Quit OneDrive
Right-click the OneDrive cloud icon again and select Quit OneDrive. Verify that no OneDrive process is running in Task Manager.
Step 2: Remove Stored Credentials from Windows Credential Manager
- Open Credential Manager
Press Windows Key + R, typecontrol /name Microsoft.CredentialManager, and press Enter. - Select Windows Credentials
Click the Windows Credentials tab. Look under Generic Credentials for entries that contain “OneDrive Cached Credential” or the email address of the wrong account. - Remove each stale entry
Click the arrow to expand the entry, then click Remove. Confirm the deletion. Repeat for every entry that references OneDrive or the old account.
Step 3: Delete the OneDrive Account Registry Key
- Open Registry Editor
Press Windows Key + R, typeregedit, and press Enter. Click Yes if prompted by User Account Control. - Navigate to the OneDrive account key
Go toHKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Business1. If you see multiple numbered keys such as Business2 or Business3, delete all of them. - Delete the key
Right-click Business1 and select Delete. Confirm the deletion. Close Registry Editor.
Step 4: Restart OneDrive and Sign In with the Correct Account
- Start OneDrive
Press Windows Key, type OneDrive, and press Enter. The OneDrive setup window appears because no cached credentials remain. - Enter the correct corporate email address
Type the user’s Microsoft 365 work or school account and click Sign In. Complete the authentication flow. OneDrive now syncs with the correct account.
If OneDrive Still Uses the Wrong Account After Clearing Credentials
OneDrive Reverts to the Old Account After a Reboot
If the wrong account reappears after a system restart, the Windows partition likely has a Group Policy Object or a provisioning package that silently reconfigures OneDrive. Check the local Group Policy Editor by running gpedit.msc and navigating to Computer Configuration > Administrative Templates > OneDrive. Locate the policy “Silently sign in to OneDrive sync app with Windows credentials.” Set it to Disabled. This policy tells OneDrive to use the current Windows user’s Azure AD credentials, which may still be the old provisioning account if the Windows user profile was not recreated.
The Windows User Profile Still Contains the Old Tenant ID
In some Mac fleet deployments, the Windows user profile is copied from a master template. The profile carries the old OneDrive tenant ID in the file %LocalAppData%\Microsoft\OneDrive\settings\Business1\ClientPolicy. Delete this entire folder while OneDrive is not running. The folder is recreated with correct values when OneDrive signs in with the new account.
OneDrive Account Selection at Startup: Manual vs Silently Configured
| Item | Manual sign-in after credential clear | Silent sign-in with Windows credentials |
|---|---|---|
| Account selection method | User is prompted to enter email and password | OneDrive uses the Azure AD token of the currently signed-in Windows user |
| Best for Mac fleets with user reassignment | Yes, because it forces a fresh authentication | No, because the old Windows user token is still cached |
| Requires clearing Credential Manager | Yes | No, but the Windows user profile must be new |
| Risk of using wrong account | Low, because the user explicitly provides credentials | High, because the token may belong to the original provisioning account |
The manual sign-in approach is more reliable for Mac fleets where devices are frequently reassigned to different users. Silent sign-in works only when each Windows user profile is created fresh on the device and the Azure AD token matches the intended OneDrive account.
After clearing the credentials and registry key, OneDrive will start with the correct account on the next boot. To prevent the problem from recurring in future deployments, modify your Mac fleet imaging process to delete the OneDrive credential entries and registry key as a post-provisioning script. You can run the command cmdkey /delete:OneDriveCachedCredential in an elevated command prompt to remove all OneDrive credential entries in bulk.