Microsoft introduced Intune administrative templates for Google chrome settings with Microsoft Intune Service release 2203. We can now avoid complicated process of using custom OMA-URI settings and use Intune administrative templates for quick configuration.
In this blog post, we will configure the following settings for Google chrome using using Administrative templates.
- Google chrome Home page
- Google chrome Startup page
- Enable password manager
- Configure Chrome theme color
Create Google Chrome Device configuration profile
To create a Device configuration profile, login to Microsoft Endpoint Manager admin center and navigate to Devices > Windows > Configuration profiles and click on Create profile.
Select the following options:
Platform: Windows 10 and later
Profile type: Templates
Template name: Administrative template
Click on Create
On the Basics page, provide the name for Device configuration profile and click on Next.
On the Configuration settings page, you will have 3 options:
– All Settings
– Computer Configurations
– User Configurations
Select Computer Configuration and from Setting name select Google > Google Chrome.
Note: There are other options “Google Chrome – Default settings (user can override). You can use this template if you want to configure settings as default one and allowing user to change if they wish to do so.
Scroll down to Settings and select Startup, Home page and New Tab page
Intune | Device configuration profile | Chrome settings
You can see the available setting in this group in next screen.
Configure Startup page
We will configure the Chrome startup page first. The page that automatically loads whenever you launch Google chrome is the startup page. You can add multiple startup pages and they all become available when you launch Chrome.
We need to configure two settings for Chrome startup page.
Select Action on startup setting and select Enabled from flyer display. Select Open a list of URL’s in Action on startup list box and click on Ok to return to previous window.
Select URL’s to open on startup settings and select Enabled from flyer display. Provide the list of URL’s which you want to open at startup in URL’s to open on startup text boxes.
Click on Ok to return to previous screen.
Configure Home page
We will now configure the Chrome home page. We will configure 3 settings for this.
Select Configure the home page URL settings, click on Enabled from flyer display. Provide home page URL under Home page URL text box.
Click on Ok to return to previous screen.
Select Use New Tab Page as Homepage and click on Disabled. Please note that home page setting will not be effective if this setting is enabled. Click on Ok.
Select Show Home button on toolbar setting and click on Enabled at flyer display. This option will allow us to navigate to home page by clicking on home button on tool bar. Click on Ok to return to previous screen.
Enable saving passwords to the password manager
We will now configure the setting to enable saving password to the password manager. This is one of random setting we picked up for this demonstration.
To enable saving password to the password manager, select Enable saving passwords to the password manager setting and click on Enabled.
Click on Ok to return to previous screen.
Configure the color of the browser’s theme
This is the last setting we picked for this demonstration. The setting will change the theme color of Chrome browser.
Select Configure the color of the browser’s theme, select Enabled from flyer display. Enter the hex color code in the Configure the color of the browser’s theme text box.
Click on Ok to return to previous screen.
You can use below W3schools link to pick a hexadecimal color code.
https://www.w3schools.com/colors/colors_picker.asp
Now we are done with all configuration. Click on All Settings to view the settings you have configured. All configured settings will appear on top.
Click on Next button to move to next page. Click on Next on Scope tags page to move to Assignments page.
Assign the profile to AAD group and click on Next
On the Review + create page, review the settings and click on Create.
You can view the notification area for a successful profile creation.
The Device configuration profile is now created. You can monitor the configuration status from Device configuration profile > Profile Name > Device status blade.
You can also check the configuration status of each setting for a device from Devices > All Devices > <Device name> \ Device Configuration > <Device configuration profile name>
Check the configuration status from Event Viewer on targeted device
Let’s see how we can validate the device configuration status from Event viewer on targeted device.
To verify the settings using Event Viewer, navigate to Applications and Services Logs \ Microsoft \Windows \DeviceManagement-Enterprise-Diagnostics-Provider\Admin.
You can see the following logs. We have captured the details for Browser theme color and Chrome startup page.
Event viewer: Browser theme color:
MDM PolicyManager: Set policy string, Policy: (BrowserThemeColor), Area: (chromeIntuneV1~Policy~googlechrome), EnrollmentID requesting merge: (67FDEB14-74D9-49E4-B125-2A3E931D82DE), Current User: (Device), String: (<enabled/><data id=”BrowserThemeColor” value=”#6656f5″ />), Enrollment Type: (0x6), Scope: (0x0).
Event Viewer: Startup Page:
MDM PolicyManager: Set policy string, Policy: (RestoreOnStartupURLs), Area: (chromeIntuneV1~Policy~googlechrome~Startup), EnrollmentID requesting merge: (67FDEB14-74D9-49E4-B125-2A3E931D82DE), Current User: (Device), String: (<enabled/><data id=”RestoreOnStartupURLsDesc” value=”1
Check the configuration setting from Google chrome
To verify the configuration from Google chrome, open the chrome browser and type chrome://settings in browser address bar.
The following changes can be noticed here.
- Theme color: The theme changed to blue which is visible in Title bar and address bar. You can notice this by simply opening Google chrome.
- Startup page: You can see startup page details in On Startup tab. The startup page has been set and settings grayed out. A user can’t change the settings.
- Home button: You can see home button on tool bar. When you click on home button it will take you to home page you configured.
- Managed browser: Since you have applied the settings through Intune, you can also see a message “your browser is managed by your organization”.
