Enterprise Guide

Group Policy Deployment - Edge

Deploying KeeperFill via Group Policy

Deploying Keeper Edge Browser Extension via Group Policy Management

This section describes how to utilize your Active Directory Group Policy Management, against Microsoft Edge templates, to deploy the Keeper Browser extension to all PCs in your organization. Please note this is a general guide.

Step 1: Adding Edge Policy Templates

  1. On your domain controller, go to the Microsoft Edge Enterprise landing page to download the Microsoft Edge policy templates file (MicrosoftEdgePolicyTemplates.cab), by clicking on "Get Policy Files" and extract the contents to your desired location. Ex: C:\temp

https://www.microsoft.com/en-us/edge/business/download

Please select and download the correct files in accordance to your organizations environment and preferences.

2. Browse to the directory in which you saved the downloaded MicrosoftEdgePolicyTemplates.zip file. Extract the contents of the MicrosoftEdgePolicyTemplates.zip file to your desired location. Ex: C:\temp

Step 2: Adding Edge .admx and .adml files to Group Policy

  1. Navigate to the directory in which you extracted the Microsoft Edge Templates zip file and copy the msedge.admx file located within the \windows\admx directory to C:\Windows\PolicyDefinitions

  2. Navigate to the directory in which you extracted the Microsoft Edge Templates zip file and copy the msedge.adml file located within the \windows\admx\en-US directory to C:\Windows\PolicyDefinitions\en-US

NOTE: If a different language is desired instead of en-US, please navigate to the directory for the correct language of your choosing. Ex: es-ES

Step 3: Create or Configure your Edge Policy

  1. Open Group Policy Manager on your domain controller and expand out your domain -> Group Policy Objects. If you currently do not have a Group Policy created in which you want to utilize for Edge Policies, proceed to right clicking on Group Policy Objects and create a New Policy.

2. Name the policy something relevant. Ex: “Edge Policy”

3. Once created, right click the new policy and select Edit.

4. Expand out Edge Policy -> Computer Configuration -> Policies -> Administrative Templates -> Microsoft Edge -> Extensions then Right click and Edit the “Control which extensions are installed silently

If this Policy will apply to Users instead of Computers, the Edge Policies you will be expanding will be located under User Configuration -> Policies -> Administrative Templates -> Microsoft Edge.

5. Tick the Enable button, and then click the Show button.

6. Add the following text and click OK.

lfochlioelphaglamdcakfjemolpichk;https://edge.microsoft.com/extensionwebstorebase/v1/crx

7. Click Apply, and then click OK

8. Disable Chrome's Built-In Password Manager by navigating to Microsoft Edge -> Password manager and protection and then Right click and Edit the “Enable saving passwords to the password manager”

9. Tick the "Disabled" button, and then click Apply, and then click OK.

10. Following the same process as steps 8 - 9, directly within Microsoft Edge Administrative Templates Policy definitions, Disable the Edge AutoFill capabilities by editing both "Enable AutoFill for addresses" and "Enable AutoFill for credit cards" and setting them to disabled.

11. (Optional) If you would like to disable Developer Tools, to further secure against users attempting to unmask a masked password / credential, still within the Microsoft Edge Administrative Templates Policy definitions, disable Developer Tools by editing "Control where developer tools can be used" end setting it to "Enabled" and select the Options value of "Don't allow using the developer tools" and click OK.

12. Exit the Group Policy Management Editor, Right Click the OU of your choice, in which contains your Computers or Users and select Link an Existing GPO.

13. Select the “Edge Policy” and click “OK

If you have more than one OU (Organizational Unit) that you would like to Link this new Group Policy to, repeat steps 12 - 13.

For any PC or User within that OU, the “Edge Policy” will automatically install the Keeper Security Browser Extension, if Edge is installed on those PCs, as well as disable the Edge browser, less secure, built-in password manager and AutoFill capabilities.

Step 4: Check Your Edge Policies

On a target client device, open Microsoft Edge and navigate to edge://policy to see all policies that are applied. If you applied policy settings on the local computer, policies should appear immediately.

You can also check your extension by navigating to edge://extensions and ensuring your extensions are being forcefully installed.

You may need to run gpupdate /force, in an elevated command prompt, to apply this new group policy to the PCs.

gpupdate /force

You may need to close and reopen Microsoft Edge before the new policies appear.

PreviousSCCM Deployment - ChromeNextEdge Settings Policy

Last updated