Manage New Microsoft Edge Chromium with Group Policy
Microsoft Edge Chromium is gaining steam as a viable browser that is ready for the enterprise environment. Microsoft is officially saying that Edge Chromium is the way forward with IE settings and defaults being migrated over to Edge Chromium. Recently, in working with a terminal server for a legacy application that required certain browser settings, I worked to control settings of Edge Chromium and wanted to share a few tidbits of the experience. Let’s take a look at how to manage the new Microsoft Edge Chromium with Group Policy.
Download Microsoft Chromium Edge Enterprise
If you are working with Microsoft Edge Chromium and want to download the Enterprise offering that can be managed with Group Policy, you can download both here:
After downloading the new Microsoft Edge, download the correlating Group Policy template for Edge as well. As a note on the download page, support ends for legacy Edge on March 9, 2021.
Manage New Microsoft Edge Chromium with Group Policy
As you can see below, on a Windows Server 2019 server, I have installed the new Microsoft Edge Chromium and have downloaded the MicrosoftEdgePolicyTemplate.cab file.
In this walkthrough, I will be extracting the Group Policy template files locally and controlling them locally as opposed to Domain-wide group policy. There are a couple of extraction steps to carry out once the .cab file is downloaded. Extract the .zip file from the cab file.
Next, you will need to extract the contents of the .zip file.
Once you have the .zip file extracted, copy the msedge.admx file from the MicrosoftEdgePolicyTemplates > windows > admx folder.
Paste this file in the c:\windows\policydefinitions folder.
Next, copy the msedge.adml and msedgeupdate.adml files from the windows > admx > en-US folder.
Paste the msedge.adml and msedgeupdate.adml files into the c:\windows\policydefinitions\en-US folder.
After copying and pasting the files around, you should be able to open your local Group Policy editor and see the new Microsoft Edge Group Policy settings.
Microsoft Edge supports what Microsoft refers to as both mandatory and recommended policies. Mandatory policies override user preferences , while recommended policy settings provide default setting that may be overridden by the user. Most policies are mandatory only. There is a small subset that are mandatory and recommended. If both settings of a policy are set, the mandatory setting takes precedence.
Basic Microsoft Edge Chromium Group Policy settings
Let’s take a look at basic Group Policy settings that provide basic settings and functionality for controlling the new Edge. Below, are a few of the policy settings that help to squash some of the “first run” and synchronize type dialog boxes you see when launching the new Microsoft Edge Chromium on the first launch.
Most of the settings to note are in the root Microsoft Edge folder in Group Policy. The first setting is the Hide the first run experience and splash screen.
The Configure Internet Explorer integration is a way to use what is called IE Mode in Microsoft Edge. What is IE Mode? In the About IE Mode document found here, Microsoft describes it this way.
E mode on Microsoft Edge makes it easy to use all of the sites your organization needs in a single browser. It uses the integrated Chromium engine for modern sites, and it uses the Trident MSHTML engine from Internet Explorer 11 (IE11) for legacy sites.
Another “first run” type message you get is if you want to synchronize your settings and services. You can turn this off with the below policy setting:
- Disable synchronization of data using Microsoft sync services
You can control other behaviors such as the pop-up blocker using the settings under Content Settings. You see the settings such as:
- Allow pop-up windows on specific sites
Other settings to note affecting the startup, home page and other settings are found in the Startup home page and new tab page settings.
Adding New Microsoft Edge Chromium Group Policy Template to Active Directory domain
Another approach to adding the new Microsoft Edge Chromium Group Policy template files is to add these at the domain level. The steps to do that are very similar to the ones shown above on an individual host, except the files are copied to a domain controller as follows:
- On a domain controller or workstation with RSAT, browse to the PolicyDefinition folder. This is known as the “Central Store” on any domain controller for your domain. For older versions of Windows Server, you may need to create the PolicyDefinition folder.
- Open MicrosoftEdgePolicyTemplates that you downloaded and go to windows > admx.
- Copy the msedge.admx file to the PolicyDefinition folder.
- In the admx folder, open the appropriate language folder. For example, if youโre in the U.S., open the en-US folder.
- Copy the msedge.adml file to the matching language folder in the PolicyDefinition folder. Create the folder if it does not already exist.
- With multiple domain controllers, the new ADMX files are replicated to using Active Directory replication.
- To confirm the files loaded correctly, open the Group Policy Management Editor from Windows Administrative Tools and expand Computer Configuration > Policies > Administrative Templates > Microsoft Edge. You will see the new Microsoft Edge node entries appear.
Wrapping Up
The Group Policy Template download for Microsoft Edge makes it easy to Manage New Microsoft Edge Chromium with Group Policy. This allows importing the readily available template files and configuring settings to control the behavior of the new Microsoft Edge Chromium.
This can be done at the Active Directory domain level as well as on an individual Windows host. Depending on