Sep 25 2020 11:45 AM
Hi,
I'm trying to utilize the ExtensionInstallForcelist GPO to install extensions silently for our users.
We want to be able to distribute some extensions globally to all customers (using a global GPO) and then specific extensions to a sub-set of customers (using a local specific GPO).
Currently you appear to get a conflict message when trying to do this. It appears multiple extensions need to be defined in one GPO only, which isn't ideal for scenario above. Is it possible to get round this issue?
Sep 25 2020 01:21 PM
@JBrunsden Hi! I'm checking with our Extension Team about your question. We'll keep you updated if they have any suggestions. Thanks!
-Kelly
Sep 27 2020 09:40 AM
Sep 29 2020 04:00 AM
Hi @ashishpoddar,
Below is the screenshot from the edge://policy/ screen.
I did initially set this up with both exceptions defined in separate GPOs under Computer Config but same error as above even when one is defined in Computer and another in User (still separate GPOs).
Thanks,
John
Oct 06 2020 10:18 AM - edited Oct 06 2020 10:19 AM
Hi @ashishpoddar @Kelly_Y any update on this?
Oct 11 2020 03:51 AM
Hi @JBrunsden
The suggestion here is to always apply the device policies after the user policies, so device will always win when there is a conflict between them.
Could you try this approach and confirm if this works?
Thanks
Ashish.
Oct 11 2020 11:55 AM - edited Oct 11 2020 12:02 PM
@ashishpoddar Hi,
Unfortunately that just isn't possible with a current scenario, we enforce a Cyber GPO that pushes the ATP extension among other things, so this will always be above any user policies.
I think the issue here would ultimately be resolved if the ExtensionInstallForcelist could just be populated with values from multiple GPOs, even in two separate Device GPOs one has to take precedence of the other and we cannot implement the way you described because of the reason above.
It looks like Chrome has GPOs that could work around this:
https://cloud.google.com/docs/chrome-enterprise/policies/?policy=PolicyListMultipleSourceMergeList
This presumably allows for separate values to be merged, so something like this could work in Edge?
For now we will probably have to look at putting all our extensions in one policy, but as initially stated, this isn't really flexible in an Enterprise environment for certain use cases.
Thanks
Aug 13 2021 07:01 PM
Aug 15 2021 10:53 PM
Could you tell us the use case or the issue that you are facing for which you are suggesting this policy?
Thanks
Ashish
Sep 22 2021 09:08 AM
May 10 2023 10:14 AM