Bug in Edge Policy Handling: This policy is blocked - its value will be ignored.

Steel Contributor

Starting with Edge Dev 85.0.538.0 (and even in current Dev 85.0.552.1 as well as Canary 85.0.558.0) the Policies like HomepageLocation, DefaultSearchProvider, RestoreOnStartUpURLs etc... which need an MDM-Enrolled or AD-Joined Device don't work any more! 

 

This Bug affects all Policies which are documented as "This policy is available only on Windows instances that are joined to a Microsoft Active Directory domain or Windows 10 Pro or Enterprise instances enrolled for device management." => All other Policies still work as expected. 

 

They are now ignored and edge://policy shows "Error: This policy is blocked - its value will be ignored.

 

2020-06-29 17_59_23-Clipboard.png

 

In previous Releases like Dev 85.0.531.1 or Beta 84.0.522.20 as well as current Stable 83.0.478.56 these Policies still work (tested on the same MDM managed Win10 Enterprise Device).

 

Test was done using Microsoft Intune / Microsoft Endpoint Manager Admin Center with an AzureAD joined device. There is nothing wrong with MDM-Configuration, Stable and Beta-Release of Edge still works as expected, only Dev+Can are affected!

34 Replies

@Gunnar Haslinger 

 

Spoiler

@Gunnar Haslinger wrote:

@HotCakeX cannot confirm your experience.

 

Just tested:

Stable Version 86.0.622.48

Beta Version 86.0.622.43

Dev Version 87.0.664.11

 

All three work like expected, no "policy is blocked" error at my test-machine.


Yes answered you here:

 

https://techcommunity.microsoft.com/t5/enterprise/why-this-policy-is-producing-error-configure-new-t...

 

@Gunnar Haslinger 

This issue seems to also reoccur in Microsoft Edge version 97.0.1072.76 (Official build) (64-bit)


HomepageIsNewTabPage, HomepageLocation, NewTabPageLocation, and RestoreOnStartup are all in the status, "Error, Ignored" and the error is, "This policy is blocked - its value will be ignored."

Raidennn_0-1643818423356.png


This Edge client is managed by MDM ("Microsoft Edge is managed by your organization") but I am not sure how to get past this error.   The configurations worked perfectly about a month ago and I am getting insider preview builds so that could be related to my issue.

Edit: I should also add that My Hololens 2 OS build is 20348.1475 (Windows Holographic for Business) receiving Windows Insider Beta channel releases.

Just checked v97.0.1072.76 (Official build) (64-bit) on Win10 Enterprise - still works.
So you need to find out what is different on your machine. What exact Windows-OS/Build/Edition are you using?

 

As you write you are using a special Windows Holographic for Business version you probably should read this Thread which covers Problems with Windows-Editions not recognized to be "Business / MDM-Manageable" releases: https://techcommunity.microsoft.com/t5/enterprise/bug-windows-10-pro-education-this-policy-is-blocke...

 

 

I ran into this issue today while testing my configuration profile for Edge. I mention I had the stable version 98 installed. Just as in your case, some of the policy would apply, some not, although the settings did exist in the registry, they wouldn't be applied in the browser.
For my test lab, I'm using VMs only, and on one I had the Windows 10 IoT Enterprise Edition installed, and that is where the issue appeared. I then checked my W11 Pro VM and the issue did not exist there.
I then built a W10 Enterprise LTSC VM and the issue was NOT present there either.
Not sure if this is OS related or not.

Same Answer:

As you write you are using a special Windows IoT Version you probably should read this Thread which covers Problems with Windows-Editions not recognized to be "Business / MDM-Manageable" releases: https://techcommunity.microsoft.com/t5/enterprise/bug-windows-10-pro-education-this-policy-is-blocke...

@Gunnar Haslinger  is there a fix for this? Version 104.1293.63 is still showing the same error, ignored blocked on Homepagelocstion and Neetabpagelocation.

@Dannielle245 which Problem? This thread is 2 years old and as you can read it was fixed. In February 2022 there was an additional Issue with IoT-Version but not on regular Windows 10 pro or enterprise, and it was fixed too.

You are just writing (misspelled) buzzwords without giving context which Edge-Version and which Windows-Version and Edition you are exactly using and what Management (MDM or AD) you use. Does the Problem only occour on first start of the browser or on every start?

@Gunnar Haslinger Sorry for my misspellings I was typing from phone. 

Edge: Version 104.1293.63

Windows 10 Pro, Version 10.0.19043 Build 19043

Still showing this issue in Edge.

@Dannielle245 I cannot see any bug,

  • Edge: Version 104.1293.63 ... thats the current Version - OK
  • Windows 10 pro ... so if it is the regular "Pro" thats straight forward, there was never any Mis-Detection regarding the regular "Pro", only "Pro N", or "Edu Pro" etc... where mis-detected some versions ago.
  • Win 10 Build 19043 seems to be 21H1 and not the current 21H2, but they use the same Updates/Kernel. I don't have an old 21H1-Machine to test ready, but I don't think this can cause the problem as those share the same Updates and SKU.

So this should work, here an actual Screenshot of my Test-System:

Edge-Policies-Working.png

It does seem the 21H1 is the only difference. My policies are still failing.
Just install the 21H2 enablement Package on one machine to test, it is only a small enablement-Package, single restart needed. No huge inplace-upgrade.

@Gunnar Haslinger I'm sorry I'm even later to the game, but I was hoping you could clarify something that is on topic to this.

I'm trying to set the DefaultSearchProviderEnabled and I also get a policy is blocked. I'm on Win10 Home 22H2, and Edge 120.0.2210.91. I've also got the 22H2 Enablement package (KB5015684) installed.

Policy error.PNG

I noticed near the top of the policy list URL (Microsoft Edge Browser Policy Documentation | Microsoft Learn) there is this little blurb:
"Starting in Microsoft Edge version 116, certain policies will not be applied to a profile that is signed in with a Microsoft account. For more information, please check an individual policy for details on whether it applies to a profile that is signed in with a Microsoft account." - I can confirm that I'm not currently logged into to my home computer with a Microsoft account.

I also noticed on the policy section itself (Microsoft Edge Browser Policy Documentation | Microsoft Learn) it says:
"This policy is available only on Windows instances that are joined to a Microsoft Active Directory domain, joined to Microsoft Azure Active Directory, or instances that enrolled for device management. On macOS, this policy is available only on instances that are managed via MDM or joined to a domain via MCX."

Based on on the current error, and the 2 blurbs, can you please confirm that there is no way for us to actually enable/enforce this (using the registry not GPO) for a standalone home computer?

@JoshGardner luckily there is a great Blog post about your question I wrote some years ago: https://hitco.at/blog/apply-edge-policies-for-non-domain-joined-devices/ ... I'm sure you will like this solution ;)