Microsoft Endpoint Manager – Configuration policies for Google Chrome

In the previous blog I introduced administrative templates in Intune. I showed how easily you can configure settings because administrative templates are almost like Active Directory GPOs. In this blog I want to show you some improvements Microsoft introduces two months ago in Microsoft Endpoint Manager 2203 release. This release contains a lot of new cool features and one of them is administrative templates for Google Chrome.

Why is it so important? Google Chrome is a standard in some companies as a default browser. How previous experience looked before 2203 release? Let me show you an example. If you wanted to configure some settings for Google Chrome first, you needed to ingest the Chrome ADMX file into Intune. Then you needed to configure custom settings one by one with OMA-URL (I will explain this topic in another blog):

 

That’s how setting looks like if you wanted to configure URL to open on startup. Looks quite complex if you don’t have an experience with custom settings, doesn’t it? Let’s see how you can configure policies with new administrative template and what the difference is. Go to Configuration profiles and click Create profile:

Then click Create. Provide a name of configuration profile and click Next:

In Computer Configuration section click Google, then choose Google Chrome. You can find hundreds of settings you can configure:

In below example we will configure some popular settings. The very first setting for browser every administrator configures is a home page. Settings in administrative templates are grouped by categories, so you can easily find home page setting in Startup, Home page and New Tab page section or you can use search:

Click on the setting name, enable the setting and provide the home page URL. Then click OK:

Next setting is Action on startup. Go to Google\Google Chrome\Startup, Home page and New Tab page and click on the setting name. Enable the setting and from dropdown list choose Restore the last session:

Then click OK. For security purposes I want to block saving passwords and I can configure Enable saving passwords to the password manager policy in Google\Google Chrome\Password manager section. Click on the policy name, disable saving passwords, and click OK:

Next, I want to restrict devices to download dangerous content. Find Allow download restrictions policy in Google\Google Chrome section:

Click on the policy name, then click Enable and from dropdown list choose Blocks malicious downloads and dangerous file types and click OK:

One more setting I want to configure is extensions for Google Chrome. I want to silently pre-install a few extensions for the users. Go to Google\Google Chrome\Extensions section and click on Configure the list of force-installed apps and extensions policy. Enable the policy and copypaste IDs of extensions you want to install. In my case it will be ggjhpefgjjfobnfoldnjipclpcfbgbhl for My Apps Secure Sign-in and aapbdbdomjkkjkaonfhkkikfgjllcleb for Google Translate:

Then click OK.

How to find extensions IDs? It’s very easy – just copypaste ID from extension URL:

The last setting I want to configure is a default browser:

Go to setting and enable it, then click OK.

We finished policies configuration for Google Chrome and now click Next twice to go on Assignments page:

In my environment I enable this configuration policies for all devices and click Next. On the Review + create page we see a list of settings I configured for Google Chrome:

Then click Create.

After policy synchronization we see they successfully applied on the device:

What is also visible in Google Chrome:

Happy deployment! For further information, please click here to contact our support team.

Share:

Facebook
Twitter
LinkedIn

Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.