Block Microsoft from running experiments in the Microsoft Edge browser
Browsers like Firefox, Chrome or Microsoft Edge come with built-in functionality to run experiments. Browser makers like Mozilla or Google may enable or disable features or changes in select browsers; this is often used to A-B test features or get early feedback on new implementations. While most users may not even notice that experiments are running in their browsers, it happened in the past that experiments caused issues. The latest case was revealed in November when administrators from around the world reported that a Chrome experiment would crash browsers in organizations worldwide. Negative side-effects of experiments are a problem for home users and business users alike, and it is often desirable to disable or block experiments from being downloaded and run. Microsoft distinguishes between controlled feature rollouts and experiments in the company's new Chromium-based Microsoft Edge web browser. Both are made available to part of the user base when they start to roll out but similarities end here. Microsoft notes: Microsoft Edge builds have features and functionality that are still in development or are experimental. Experiments are like CFR, but the size of the user group is much smaller for testing the new concept. These features are hidden by default until the feature's rolled out or the experiment's finished. Experiment flags are used to enable and disable these features. System administrators may use the "Control communication with the Experimentation and Configuration Service" on pro and Enterprise editions of Windows 7, 8.1 or 10 to prevent experiments in the browser. Here is what is needed for that: Get the latest Microsoft Edge policy file from the Microsoft Edge Insider website. It is likely that the policies will become available natively eventually when Edge is released and integrated in Windows. Extract the file (first a cab, then a zip). Open Windows > Admx. Copy the two .admx template files to C:\Windows\PolicyDefinitions\. Open the language folder that matches the system language and copy the .adml files to the corresponding language folder of C:\Windows\PolicyDefinitions\ Open Start, type gpedit.msc and hit the Enter-key to open the Group Policy Editor. Consult this Docs page on the Microsoft website for additional scenarios, e.g. when domain controllers are used. Open Computer Configuration > Administrative Templates > Microsoft Edge. Open the policy "Control communication with the Experimentation and Configuration Service" policy. Set the policy to Enabled. Set it to either "Retrieve configurations only" or "Disable communication with the Experimentation and Configuration Service". Retrieve will download configuration payloads only, disable won't download or enable them. The behavior of not configuring the policy differs depending on whether it is a managed or unmanaged device. Managed devices will download the configuration only while unmanaged devices will retrieve configurations and experiments. Source
Camera and Mic Site Permissions
edge settings/privacy/sitePermissions/allPermissions/camera edge settings/privacy/sitePermissions/allPermissions/microphone I was looking to add some sites / urls to automatically permit access to both camera and mic to stop the age old i said no and now cant use service x type service calls from coming in. i added these 2 policies to the admin template Sites that can access audio capture devices without requesting permission Sites that can access video capture devices without requesting permission both succeed in delivery to the device but don't appear in the edge site permission list as expected have i got the wrong policy? is it broke?
Chrome extension managed storage policy
Hi there, I've developed a chrome extension and now we want to deploy it using Intune. Force install of extension works great but I can't pass managed data to the extension. Here is the scheme: { "type": "object", "properties": { "apiKey": { "title": "API Key", "description": "An API key to communicate with server.", "type": "string" } } } This is the policy that I created in Intune: OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~3rdparty~extensions~eagefwefpbjpewefliifpgfgoewfknnmk~policy Data type: String Value: {"apiKey":"mykey123"} But it doesn't appear in chrome://policy and when I get policies in my code with: const result = await chrome.storage.managed.get(null); The result is empty! What is the problem here? And how to fix it?There needs to be a policy to enable Edge Secure Network
As soon a single policy is set for Microsoft Edge, either through group policy or registry, the Edge Secure Network becomes unavailable. There needs to be a policy to enable it again. Using a registry key or local policy to control Edge doesn't mean it's controlled by an organization or personal Microsoft accounts are not used.Official Download links for Microsoft Edge Stable Enterprise
I'm not 100% sure it's final but anyone who wishes/wants can test it. Microsoft Edge Stable Enterprise X64.msi http://go.microsoft.com/fwlink/?LinkID=2093437 X86.msi http://go.microsoft.com/fwlink/?LinkID=2093505 MicrosoftEdgePolicyTemplates.cab http://go.microsoft.com/fwlink/?LinkID=2099616 MicrosoftEdgeIntunePolicyTemplate.cab http://go.microsoft.com/fwlink/?LinkID=2099617 macOS.pkg http://go.microsoft.com/fwlink/?LinkID=2093438 Blocker Toolkit to disable automatic delivery of Microsoft Edge https://docs.microsoft.com/en-us/deployedge/microsoft-edge-blocker-toolkit
Edge extension policy
In our extension we want to use one of our micro-frontend application so we will load it inside an iframe in the some part of the our extension, does the extension policy allow this? This application can send events via “post message”, and also we have authentication through auth0. Does this mean that if we will load our micro-frontend application we are violating the policy?
Edge does not use the configured policys
Hi together, We currently have this very strange problem: We've downloaded the Edge Enterprise MSI (97.0.1072.69) including the Windows 64-bit Policys from here: https://www.microsoft.com/en-us/edge/business/download and successfully deployed them to all our Clients. The new ADMX Templates were also copied to the SYSVOL Store of the Main DC, which is a WS 2012 R2 one. We've created a new GPO and "gpreport -H report.html" reports that it was successfully applied to one of our Test-Clients (W10 Pro 21H1): However, the "edge://policy/" Link shows that no single Policy was applied: Can someone explain to me why it doesn't apply the Edge-GPO?
