Blog Post

Windows IT Pro Blog
4 MIN READ

Host IE mode site lists in the cloud

Eric_VanAelstyn's avatar
Dec 10, 2021

Update:  The retired, out-of-support Internet Explorer 11 desktop application has been permanently disabled through a Microsoft Edge update on certain versions of Windows 10. For more information, see the Internet Explorer 11 desktop app retirement FAQ.

The Cloud Site List Management experience allows you to host your Internet Explorer (IE) mode site list in an authenticated cloud endpoint in the Microsoft 365 admin center and is now generally available for you to use. With this experience and the companion Configure IE mode deployment guide, you can create, host, and deploy your IE mode site list and related policies directly from the Microsoft 365 admin center. This is the latest addition to the tools shared in previous blogs to help businesses in their Internet Explorer to Microsoft Edge journey.

Store and manage your site list in the cloud

The Cloud Site List Management experience enables you to manage your site lists for IE mode in the cloud without needing on-premises infrastructure to host your organization's site list. You can access this through the Microsoft Edge site lists page found in Settings > Org settings within the Microsoft 365 admin center. You can create, import, edit, and export your site lists, as well as publish site lists from the cloud.

The Org settings page and where to find Microsoft Edge site lists.

You can create and publish multiple site lists from the Microsoft Edge site lists page and use group policy to assign different groups of devices to use those different lists.

For a walkthrough of the Cloud Site List Management experience through the Microsoft Edge site lists page, you can check out the latest video from Microsoft Mechanics.

Apply IE mode policies and site lists to users

To use a cloud site list, your users must be signed into Microsoft Edge version 93 or later with a work or school account from your organization. You also need to have the InternetExplorerIntegrationLevel and the InternetExplorerIntegrationCloudSiteList group policies configured on their devices.

The quickest way to deploy the necessary policies is to click the link for the Configure IE mode deployment guide after you’ve published your site list. The link for this guide is conveniently provided on the Microsoft Edge site lists page as seen below.

Accessing the Configure IE mode deployment guide from the Microsoft Edge site lists page

When using the Configure IE mode deployment guide, you will start by selecting your deployment method. When your devices are managed by Microsoft Intune, the guide will help you deploy a device configuration profile for either a cloud or on-premises site list. Or, if you prefer to use Configuration Manager or just group policy, the guide will generate a script to verify your on-premises configuration and automatically configure these settings.

Configuring an IE mode device configuration profile in the Microsoft 365 admin center

Regardless of where you are in the process or the management tool you’re using, you can use the Configure IE mode deployment guide to meet the following goals:

  • Add sites to a site list one at a time
  • Deploy Enterprise Site Discovery policies to find sites that should go on the site list
  • Build a site list from site discovery data you’ve collected previously
  • Apply a completed cloud or on-premises site list to users

In addition, the following improvements are coming to the Configure IE mode deployment guide in the coming weeks.

  • While building your site list, it will detect sites that are on the Microsoft Edge required sites public list so you can easily identify and remove them.
  • You’ll be able to import and merge site lists between the .v1 and .v2 schema format.

How to access these tools

Permissions

Global administrators can use all the features of both experiences, but we know that admins who manage browsers may not have the global admin role.

  • To use the Cloud Site List Management experience on the Microsoft Edge site lists page in the Microsoft 365 admin center, you must use an account with at least the Edge administrator role.
  • To use the Configure IE mode deployment guide, you must use an account with at least the Global Reader admin role. To deploy Intune policies in the guide, your account must be assigned the Intune administrator role.

For more information, see About admin roles.

Navigation

If you already know what sites you need to add and want to host your list in the cloud, open the Org settings page in the Microsoft 365 admin center and select Microsoft Edge site lists.

If you’re just getting started with IE mode, go to the Configure IE mode guide first. For Microsoft Edge guidance that encompasses IE mode and beyond, go to the Microsoft Edge setup guide. You can find more information about both guides—and how to use them—in our previous blog, Proven tools to accelerate your move to Microsoft Edge.


Continue the conversation. Find best practices. Visit the Windows Tech Community.

Stay informed. For the latest updates on new releases, tools, and resources, stay tuned to this blog and follow us @MSWindowsITPro on Twitter.

Updated Feb 14, 2023
Version 10.0
  • Ryan Pertusio's avatar
    Ryan Pertusio
    Brass Contributor

    Thanks for this functionality!

     

    How can we ensure that the requirement "must be signed into Microsoft Edge version 93 or later with a work or school account from your organization" is met?  Is there a GPO or Intune policy that can enforce this?

  • Thanks for providing this! Looks brilliant, and has worked well for a few of our test users, weirdly though it isn't working for one of them. As far as we can tell he has the appropriate group policy (both the original UNC based xml's and the cloud site list are applied via GPO on regular domain joined machines) winning (and present in registry on his machine) the same as his colleagues. Edge://policy shows the new InternetExplorerIntegrationCloudSiteList policy is applied. However Edge://compat shows the existing/old solution of using our internal UNC based .xml's for Site List, and in my testing it was not necessary to ensure the above policy applied later in precedence in GPOs.

     

    Are there any troubleshooting guides for scenarios such as above available? Any eventlogs/logs that could be checked and so on? Are there any specific permissions required to access the list? There must be some sort of authentication/authorization happening as punching in this URL in the browser:

     

    https://edge.microsoft.com/enterprisesitemanagement/edge/edgeEmieSiteLists/<our-site-list-ID>

     

    results in the same error on both the working and broken machines:

     

    {"error":{"code":"Unauthorized","message":"You did not provide a credential or correct credentials."}}

  • Hi Christopher_Beattie ,

    I spoke with the product team and they wanted to confirm that the user who isn't receiving the cloud site list is logged into Edge with their AAD profile account and that this profile is part of the tenant that the cloud site list is being distributed to. If the user is not logged into the Edge browser with that matching ADD profile, they would not receive the list.

    We'll continue to investigate this but let me know if this resolves the issue.

    Best,

    Microsoft Edge Team

  • Urs Schöni's avatar
    Urs Schöni
    Copper Contributor

    Hi Eric

    I have exactly the same problem. User (me) has the profile assigned and I logged out and in again in Edge, still same problem. We only have one tenant, so no mixup with that factor.

    Kind regards

    Urs

  • MichalHajduch's avatar
    MichalHajduch
    Copper Contributor

    Hi Eric,

    model situation - we have two cloud site lists, one for production, second for testing purposes.

    how to perform a test of site list on computer already assigned on production cloud site list?

    it seems you cannot assign two cloud site lists on the same machine...

    could you please give an advice here?

    Thanks

  • Hi MichalHajduch 

     

    You can only assign on cloud list to a device at a time. This is to ensure multiple lists don't compete against one another, especially if there are conflicts. My advice here would be to include all production sites in your test site list, plus the sites you want to test. That way you can assign the test list to a pilot of devices for testing, and they would still have access to all the production sites.

     

    Best,

    Eric

  • alxescarcega's avatar
    alxescarcega
    Copper Contributor

    Hello! We just deployed the cloud ie mode list to our users in our hybrid joined environment. We are running into the issue with IE mode not working on our Windows 10 machines but Windows 11 machines work perfectly fine. All the machines are using the same GPO to get the Cloud List, all edge browsers are auto signing in with the uses account, they all have Office 365 licenses, however, it’s still not working. Any kind of ideas?