"Never save password websites" group policy needed
We just deployed Edge to 1000+ devices in our organization but have discovered unwanted save password suggestions from the Password Manager. When users access an internal webpage that uses some kind of integrated windows authentication/SSO/NTLM/Kerberos etc. meaning the user is not prompted for a username and password - the password manager still suggests to save the username and password! There could be many other scenarios in an enterprise where you do not wish passwords on certain internal (or external) websites to be saved, but allow it for others. It looks like Edge automatically populates a list of websites or URL's where passwords are "never saved" and when a website is on that list Edge doesn't prompt if the user want to save the password. It would be very useful for an enterprise to have a Group Policy where we could prepopulate this list with websites we do not want the browser to save passwords for. The browser should of course still fill websites on this list that the user clicks "Never" to save, but so that the list could consist of both websites populated from the group policy and websites added by the user.
PDF Application Clobbering are blocking my ability to use Edge by default for employees.
I would love to use Edge as the default browser. The ability to use enterprise site mode and the built-in IE mode are amazing but Chrome legacy browser support works OK and the PDF issues with Edge are just to much for me to change from using IE 11 as default (lots of legacy web apps here) and Chrome as our supported browsers internally. Generally if Edge would stop trying to be a PDF viewer it would already be deployed, less then a month after its official release. We pay lots of money for 3rd party PDF software that is critical to many aspects of our business and internal process flow to allow Edge within 10 ft of a PDF file other than to download it and open in that program I've got set these settings: 1) Settings -> Downloads -> Ask where to save each file before downloading -> Disabled 2) Settings -> Site permissions -> PDF documents -> Always open PDF files externally -> Enabled When my employee's click on a PDF to download it they are taken to the Edge PDF viewer and given a prompt that says the "PDF reader is disabled" and given directions to either turn it on or download a file. This means the Setting 2 above is not applied right as it shouldn't prompt. Of course they choose "Download file" but when downloading the file they are then prompted and asked where do they want to save the file( This means setting 1 don't ask where to save is broken). Then the file is downloaded to their computer where if they haven't set the option to always open a PDF with system viewer the file is downloaded breaking (setting 2) and not opening externally. Honestly this is a bad and confusing experience for my employees' they need the PDF in external programs as we are using many sophisticated features of 3rd party products that the builtin reader is useless for. It takes way to many clicks and way to much troubleshooting for the users to get PDFs to open in a way that our business needs them to for me to currently make Edge our default browser. Realistically the PDF's should be downloaded to disk by default once the setting to "Always open PDF files externally" is enabled and if the option is set to always open in system viewer that should work when the files are clicked, I also have not found a way to reverse the option to always open in system viewer certainly would be nice to know how to reverse that so I can figure out how to set that as default. I also need some officially supported way to prevent Edge from trying to become the default PDF viewer. I've yet to find a good way, my solution works but it's not good. GPO setting like "Do not clobber or break PDF usage on peoples computers" would be a good start.Unexpected Automatic Windows Server Updates Despite GPO and WSUS Configurations
Hello everyone, I am experiencing a disruptive issue across a number of our Windows servers (ranging from Server 2012 to Server 2022). Despite a carefully managed WSUS implementation and GPO enforcement for Windows Updates, we have been facing an issue where several updates are getting automatically installed on these servers. The problem is, these updates are not ones we have explicitly approved, nor are they manually triggered for download/installation. The automatic reboots following these installations are causing significant service disruptions. Furthermore, the behavior seems to be somewhat random, which makes it even more challenging to root cause. Here is a summary of the GPO and WSUS configurations, and what I have verified so far: The GPO for Windows Updates is configured to '4 - Auto download and schedule the install'. The RSOP confirmed that there are no conflicting GPOs. WSUS is functioning correctly and the automatic approval of updates has been disabled. Dual Scan is not a factor as it's not relevant to the Windows Server versions we're using. It has been confirmed that the updates in question are indeed WSUS updates, but they haven’t been approved by us. The issue does not pertain to pre-downloaded update files or Service Stack Updates (SSUs). Given the above points, I am having a hard time figuring out why these updates are being installed and causing unplanned reboots. I would really appreciate it if anyone who has encountered a similar issue or anyone with insights could shed some light on this. Thank you in advance for your assistance! Best
Group policy setting to manage IE Mode cache
Hi sorry if this has been answered as I have not found an article that addresses this issue. I have a need in our organization to manage the setting "Clear browsing data for Internet Explorer" for our deployed Edge installations. Legacy app issues are needing to be cleared to work correctly and this needs to be done by policy due to the amount of clients I have to manage. I have the GPO for the standard "clear browsing data" key but that does not set the "Clear chosen data for Internet Explorer and Internet Explorer mode every time you exit Microsoft Edge" key to on. I could do this with Registry too if a GPO setting is not available but have yet to find this key info in my searches either. Would someone please let me know what can be done to control this setting? Thanks, Mac
