Forum Discussion

htcfreek's avatar
htcfreek
Iron Contributor
Feb 26, 2020

Feature request: gpo to hide settings page "edge://settings/devices"

Hi.

 

In the settings of Microsoft edge there is a page to advertise for the mobile apps. In our company we want to hide this page.

 

We are a public administration and our employees are not allowed to connnect/sync to online accounts, because of datasafety policies. (Please don't start unessesary discussions about this.) Therefore this page has no effective use for our employees.

 

Could you please add a gpo to hide/remove this settings page.

(I know the gpo to block URLs. But this is not a nice solution.)

  • Kelly_Y's avatar
    Kelly_Y
    Feb 25, 2021

    htcfreek Todd Miller RaymondT2004 FloHB abadiya  Thanks everyone for your patience! 

     

    We just had a recent update and starting with version 90.0.796.0+ the page/section in Settings will be completely hidden when either SignIn or Sync are set to disabled via Group Policy. The section won't show up in the navigation page in settings and the URL to get to this page will also not work (the user will just be redirected to the root of the Settings experience).  Hopefully this will help address some of the concerns!  

     

    -Kelly

  • Todd Miller's avatar
    Todd Miller
    Copper Contributor

    @We are just getting ready to deploy Edge and discovered this problem.  Like you we have a large number of Kiosk type computers - with a shared Windows profile.  Despite having "Browser sign-in settings" set to disabled, this portion of the Settings allows the user to attempt to sign in to an Azure account.  The sign-in ultimately fails, but by the time it fails it has already added the Azure "work or school" account to the Windows profile.  We have a GPO policy in place (Security/Accounts: Block Microsoft accounts - Users Can't add or log on with Microsoft accounts)  that prevents users from adding Microsoft accounts in Window's Settings interface.  The feature added to Edge Settings/Devices circuvents both of these policies.  It not only lets the users attempt to sign-in to Edge despite sign-in settings being disabled, it allows a user to associate a Microsoft account with the Windows user despite a policy explicitly blocking that.  

    • Kelly_Y's avatar
      Kelly_Y
      Icon for Microsoft rankMicrosoft

      htcfreek Todd Miller RaymondT2004 FloHB abadiya  Thanks everyone for your patience! 

       

      We just had a recent update and starting with version 90.0.796.0+ the page/section in Settings will be completely hidden when either SignIn or Sync are set to disabled via Group Policy. The section won't show up in the navigation page in settings and the URL to get to this page will also not work (the user will just be redirected to the root of the Settings experience).  Hopefully this will help address some of the concerns!  

       

      -Kelly

      • mahahava's avatar
        mahahava
        Copper Contributor
        Hi

        Found this page as im also searching for a solution to this, the user in our environment can not configure any syncronization this is disabled, but i would like to be able to hide this page as it is not providing a good experinece showing users settings / guides on things they are not allowed to configure / activate

        As i understand the solution for 90 that wont work in our environment as we use a local sign in and sync using UE-V between users computers so we do force a sign-in
  • FloHB's avatar
    FloHB
    Brass Contributor

    htcfreek Did you ever successfully blocked that URL with the GPO "Block access to a list of URLs"? It doesn't work for me. Build: 81.0.416.77

    • htcfreek's avatar
      htcfreek
      Iron Contributor
      FloHB
      I didn't test that. I only thought this could be a solution and write it here.
      • RaymondT2004's avatar
        RaymondT2004
        Copper Contributor

        htcfreek 

         

        I just checked the "Block access to a list of URLs" GPO description and it explicitly states that:

        "Note that blocking internal 'edge://*' URLs isn't recommended - this may lead to unexpected errors"

         

        Did a quick test with the GPO setting; actually it only prevents you from opening the page via typing the URL in the address bar directly; it does not prevent you from accessing it via navigating in the setting menu

  • abadiya's avatar
    abadiya
    Brass Contributor

    htcfreek 

    I agree. I would like to hide/disable edge://settings/devices

    (And the Share-Option in the "Settings and More Menu", for that matter...)

  • Joachim_T's avatar
    Joachim_T
    Iron Contributor

    Ihtcfreek 

     

    I am not completely sure. but i think in DEV GPO V83 there is a new configuration adressing this issue:

     

    ConfigureShare

    Configure the Share experience

    Supported versions:
    • On Windows since 82 or later
    Description

    If you set this policy to 'ShareAllowed' (0, the default), users will be able to access the Windows 10 Share experience from the Settings and More Menu in Microsoft Edge to share with other apps on the system.

    If you set this policy to 'ShareDisallowed' (1), users won't be able to access the Windows 10 Share experience. If the Share button is on the toolbar, it will also be hidden.

    * 0 = Allow using the Share experience

    * 1 = Don't allow using the Share experience

    • htcfreek's avatar
      htcfreek
      Iron Contributor

      Joachim_T :

      I don't think that the policy you have mentioned disable the "Phone and other devices" site in settings. The policy you have mentioned is for disabling the share feature how it is discribed in the gpo.

      The share feature mentioned in the gpo has nothing to do with sync and mobile apps/devices. So this policy does not do what I want.

      • Joachim_T's avatar
        Joachim_T
        Iron Contributor

        htcfreek 

         

        Maybe. but i just didnt see a "share feature" yet so i am just guessing. still hope next week there will be a V83 Beta published so i can start testing.

  • Joachim_T's avatar
    Joachim_T
    Iron Contributor

    htcfreek 

     

    Yes this page is an absolutly totaly no go in a secured enterprise environment. i support your request. but until yet i didnt look for the V81 GPOs if there isnt already an option for that.

Resources