Forum Discussion

JamesFritz's avatar
JamesFritz
Copper Contributor
Oct 14, 2021

Extension Allows from two separate policies

We are looking to have one corporate allow for extensions (by default all else are blocked).  However, we want to open up specific extensions only for specific groups.  Right now we are building it out so that we end up with two different policies (main and then the offshoot).  But if we have to add a new corporate extension, we now have to go into two policies, or three or however many and add the same extension to all of the policies.

 

We've tried previously to assign the two policies to one user but they end up conflicting.  Is there something we're missing or we just can't do it this way, we have to add the universal extensions to multiple configuration policies.

    • JamesFritz's avatar
      JamesFritz
      Copper Contributor
      Right now both Chrome and Edge extensions, but eventually it will just be Edge.
      • NielsScheffers's avatar
        NielsScheffers
        Iron Contributor

        Unfortunately, these things aren't 'stackable'. So yes, you will have to create a separate policy to configure all allowed extensions for each user group.

         

        You may also create a custom solution (i.e. via scripting), but that begs the question: will that make things more or less manageable for your administrators? 

Resources