SOLVED

RoamingProfileSupportEnabled - referred to in other policies desc but no policies designed to set it

Brass Contributor

Hi,

 

I am preparing the deployment of Microsoft Edge (Chromium), I've downloaded the MSI and GPO templates and have started going through them. I've set everything I pretty much need to but have hit a hiccup which I'm hoping for some clarity on. 

 

I wish for all AppData to save to the Roaming profile instead of Local profile for my users. This is doable on Google Chrome by setting the policy named "Enable the creation of roaming copies for Google Chrome profile data" to "Enabled" which then sets the "RoamingProfileSupportEnabled" registry entry to "1". There does not appear to be a policy which sets this functionality for Edge but in the policy named "Disable synchronization of data using Microsoft sync services" it states in the description "Do not enable this policy when the policy 'RoamingProfileSupportEnabled' is enabled." - this proves that the functionality is there in some sense or will eventually be there. I tried to manually enter this registry key in HKCU>Software>Policies>Microsoft>Edge and when you launch Edge it does not load up the application unfortunately but it does create the folder "Edge" and "User Data" inside the Roaming AppData folders. So potentially Edge is just crashing because of this key. If I remove the registry key or set it to "0" then Edge works again but the data is still stored to Local AppData.

 

Is functionality supposed to be enabled in v79 or v80 (beta)? Or is this something for future development? This is the only thing causing me to not roll this out for our users currently.

 

Thanks in advance,

 

Mike

67 Replies

 just saw this: Ensure that a profile is associated with an Active Directory account

 

So i configured the ConfigureOnPremisesAccountAutoSignIn  to SignInAndMakeDomainAccountNonRemovable

 

Didn't seem to help :(

 

EDIT: Just tried on a new machine and it seems to be working!

Hi,

these whole things looks terrible to me and is a complete break of the default behaviour of Microsoft to differ between roaming and local app data.

 

We have the need to have edge on our terminal servers but do not roam the local part of the profile. So users have always a blank new edge after next login. What the f...

 

Ok i checked those GPOs and have done the AD sync (we are on-premises only NO cloud at all).

Added "ConfigureOnPremisesAccountAutoSignIn" to 1 (signinand...), changed RoamingProfileLocation to ${roaming_app_data}\Microsoft\edge-profile and RoamingProfileSupportEnabled to true but only favorites and settings are synced. Other options are greyed out (such like passwords, history, opentabs and so on). There is block sign "is set from your organization". No its NOT. Looks like some default values that other things are not synced but nothing is further more described in the policy explanations (which i very like also the direct linking in edge://policy).

 

Using edge 88.0.705.63 with latest admx applied.

 

If i reset sync its asking me if really want to reset sync and start sync again after reset :) but why is it saying it want to delete it from microsoft server if the sync is AD only. Did i miss something?

 

tried disable SyncTypesListDisabled but no change, also when i only disable passwords. Still no change on the other settings.

 

 

 

@saxe123 

 

Has anyone had any luck getting GPO to work? I am running a 4 node term server environment and I have the GPO's set for roaming profile as saxe123 described and if I login with my test user and open Edge and then check the policies applied with edge://polcies, they show as applied and okay, but they simple do not work. I even defaulted the home page with the GPO, it shows as applied, but it just doesn't work. Is this a Microsoft issue? I also am using the consumer version, not the business version, but I assume it doesn't matter when it comes to GPO, its more of controlling the versions? Maybe not? Let me know what you are all having luck with, because right now, GPO's are not working for me...thank you!

@J-DOT A screenshot of edge://sync-internals/ would help.

@Thilo Langbein also attaching screenshot of edge://policy

@J-DOT 

 

On-Prem Sync only works, if you're sign in to your On-Prem domain!

@Thilo Langbein I am on prem...also, none of the GPO's I have set for Edge are working...

@J-DOT Just checking to see if anyone else has any thoughts on this? Any guidance is appreciated. Thank you.

@J-DOT  we also set HomepageLocation but only as recommended and that works

check settings "show home button" and verify that "new tab page" is not enabled

 

my questions were still not answered and i need that to realize a better user experience on the terminal servers. Mozilla has an enterprise mailing list with much better support/maintenance directly from the developers. Mike Kaply :)

 

It could not be that hard to get some answers to such important questions. How to handle those questions? Open support calls?

I have with the following settings the same problem too:

BrowserSignin 2
ConfigureOnPremisesAccountAutoSignIn 1
ForceSync true
RoamingProfileSupportEnabled true
SyncDisabled true
SignInAndMakeDomainAccountNonRemovable true

@Tom48 @saxe123 @J-DOT Hi!  Yes, if you folks are having issues please feel free to reach out to Microsoft Support (https://microsoftedgesupport.microsoft.com/hc/en-us) .  They would be able to work with you directly and collect the necessary logs to troubleshoot each individual issue.  Thanks! 

 

-Kelly

I opened a case with Microsoft. I will report back on what I find out. If anyone else figures anything out, let us know! Thanks!

@Kelly_Y 

 

I opened a case with Microsoft this morning too. Did not get a confirmation till now.

 

I will tell if we find a solution.

 

When the following setting are configured, the RoamingProfile folder & file are created as described as long as the device that the user is logged onto is NOT AzureAD joined.

Enable using roaming copies for Microsoft Edge profile data
Set the roaming profile directory
Disable synchronization of data using Microsoft sync services
Configure automatic sign in with an Active Directory domain account when there is no Azure AD domain account

It seems that if the device is AzureAD joined, and SSO is enabled then this feature cannot be used. As the setting states...........
Configure automatic sign in with an Active Directory domain account WHEN there is no Azure AD domain account

I need Azure AD join for SSO to teams, office, onedrive etc so that rules out the local roaming profile

You can tell when the feature is working as your profile name will be DOMAIN\User
whereas when Azure Ad joined, the profile is user@domain.com

Would be nice to have to be able to sync locally ONLY even when Azure AD domain joined, or sync locally and to the cloud - new GPO setting please so admins can choose
I agree with you. This was pointed out by me to Edge support.
The current choice goes away with organisations that have a on premise AD and a Azure at the sam time.
We opted to sync to Azure and not locally.
Maybe I should have put it more precise:
Only bookmarks and preferences are synchronized. This is also displayed under edge://settings/profiles/sync

@Tom48 

 

like i said before only favorites and settings are synced and it doesnt care about the other settings even if you set them directly in gpo

 

edit:

 

and you cant enable the other settings at all. it says managed by your organization but thats not true (or not my intention) and its not clear where its coming from.

got a remote session with MS yesterday and they will investigate the restricted possibilites for syncing on prem (only 2 from 8 options are working) and they will also change the message for reset sync which says that the data will be deleted from MS servers, which isnt true for on prem sync.

 

So lets hope and wait.

Great news. Anxiously waiting to hear what you find out!