# Optional Deployment Tasks

<figure><img src="/files/P4CF7o63taykNkZL35Mf" alt=""><figcaption></figcaption></figure>

### Prevent Installation of Untrusted Extensions

As a general security practice, we recommend that Enterprise customers limit the ability of end-users to install unapproved 3rd party browser extensions.  Browser extensions with elevated permissions could have the ability to access any information within any website or browser-based application.  Please refer to your device management software to ensure that Keeper is allowed, and unapproved extensions are blocked or removed.

### Preloading Password Importer Tool

The Keeper Password Importer tool is typically downloaded by the user during account creation on the Web Vault.  If you do not permit the installation of applications on end-user devices, you can preload the app using the binaries located below:

* Password Importer (Windows):\
  <https://keepersecurity.com/pwd_importer/win32/keeperimport.exe>
* Password Importer (Mac):\
  <https://keepersecurity.com/pwd_importer/Darwin/KeeperImport.zip>

### Disabling Built-In Browser Password Managers

Often times, Enterprise customers would like to automatically disable the less secure, built-in password saving features of web browsers.  There are several methods of managing this as described in this section.

#### Chrome for Enterprise

Google provides **.adm** and **.admx** files (.admx is a newer .xml file type) to make it easier to manage the Chrome browser using Group Policy. In G Suite and Chrome Enterprise environments, it is enabled via the Google Cloud platform using one of the below methods:

* [AD managed Chrome](https://support.google.com/chrome/a/answer/187202?hl=en) – Google provides adm and admx files that are incorporated into a GPO
* [Chrome Mac Policies and Quickstart](https://support.google.com/chrome/a/answer/7550274) – pushed via MDM tools (JAMF, etc...)
* [Chrome Linux policies and Quickstart](https://support.google.com/chrome/a/answer/9025903) – pushed via MDM tools (Ivanti, etc...)
* [Chrome G Suite managed](https://support.google.com/chrome/a/answer/2657289?hl=en) – Native management for G Suite subscribers
* [Chrome Enterprise managed](https://cloud.google.com/chrome-enterprise/browser/download#chrome-browser-download) – centralized Cloud based Management for Windows, Mac, or Linux computers – agnostic to directory services

#### Mozilla Firefox for Enterprise

Similar to Chrome, Mozilla provides **.adm** and **.admx** files to manage Firefox using Group Policy. Mac-based systems are provided a **.pkg** file and are managed via JAMF, etc. Linux users are provided a policies.json file.

* [Firefox documentation for Windows MAC and Linux](https://support.mozilla.org/en-US/products/firefox-enterprise)

#### Microsoft Edge for Business

Edge for Business is now available for Windows and Mac.  Group policy is managed through **.adm** and **.admx** files on Windows, and **.plist** on Mac.

* [Download Edge for Business](https://www.microsoft.com/en-us/edge/business/download)&#x20;

#### Internet Explorer Mode for Edge

The new Edge for Business now supports "Internet Explorer Mode".  We recommend using this mode for any IE browser requirements within your organization.

#### Legacy Internet Explorer

If legacy Internet Explorer is absolutely required by your users, management of password saving features can be disabled under traditional GPO found under:

**User Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer**

Then disable “Turn on the auto-complete feature for user names and passwords.”


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keeper.io/en/enterprise-guide/deploying-keeper-to-end-users/optional-deployment-tasks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.