This week is all about simplifying the management and configuration of your favorite browsers, by using Microsoft Intune. That’s definitely not the sexiest subject, but it’s important to be familiar with the easy options that are available nowadays. With the latest additions to Microsoft Intune, the management and configuration of the different browsers became more of a native functionality. Native functionality was already available for Microsoft Edge, and recently became available for Google Chrome. And now, with the recent addition of importing third-party administrative templates, it became available for every browser that could be easily managed within an on-premises environment, by using Group Policies. Besides that, there are even alternatives when really needed. This post will provide an overview of the different options for managing and configuring browsers.
Managing and configuring Microsoft Edge browser
When looking at managing and configuring your favorite browser, the most obvious browser to start with is Microsoft Edge. Within a Microsoft environment, Microsoft Edge provides the best integrated experience. From a management perspective as well as a Microsoft 365 perspective. When looking at Microsoft Intune, there are actually multiple methods for configuring Microsoft Edge. Let’s briefly walk through the different available options and describe my preference.
- Security baseline: There is a security baseline available for Microsoft Edge that contains the Microsoft recommended configuration. That would be the ideal starting point for configuring Microsoft Edge. The challenge, however, is that the baseline is not very well maintained. At the moment of writing, the baseline is of September 2020 (Edge version 85 and later). From that perspective it’s better to create a custom security baseline configuration, based on the Microsoft Security Compliance Toolkit, by using Administrative Templates or Settings catalog. And keep that up to date.
- Administrative Templates: There are Administrative Templates available, similar to the old-school Group Policies, for configuring and managing anything around Microsoft Edge. It provides the IT administrator with the ability to relatively easy configure settings that are available as an Administrative Template. A valid option for configuring Microsoft Edge.
- Settings catalog: The Settings catalog is the ruler of all configuration options. It provides access to the same settings as Administrative Templates, and more. Besides that, it provides the IT administrator with the ability to create a single profile that contains all the available settings for Microsoft Edge and anything that might be related. My preferred method. Get started with a Settings catalog (as shown in Figure 1) by creating a new configuration profile.
Note: To verify the applied configuration in Microsoft Edge, simply navigate to edge://policy.
Managing and configuring Google Chrome browser
From a management and configuration perspective, the next browser in line would be Google Chrome. Even for Google Chrome, Microsoft Intune provides a native integration. The Group Policies that are provided by Google for managing Google Chrome, are also available within Microsoft Intune and maintained by Microsoft. Those are available by using Administrative Templates and Settings catalog. Just like with Microsoft Edge, my preferred method for configuring Google Chrome is using Settings catalog. For an extensive example see also this post about further simplifying management of the Google Chrome browser on Windows devices. Get started with a Settings catalog (as shown in Figure 2) by creating a new configuration profile.
Note: To verify the applied configuration in Google Chrome, simply navigate to chrome://policy.
Managing and configuring Mozilla Firefox browser
From a management and configuration perspective, there’s not immediately another browser next in line. From a popularity perspective, on the other hand, the next in line would probably be Mozilla Firefox. The Group Policies that are provided by Mozilla for managing Mozilla Firefox, can now also be imported directly into Microsoft Intune. That provides the IT administrator with an easy configuration experience, also for Mozilla Firefox. For an extensive example see also this post about easily managing third-party ADMX-files. Get started with Imported Administrative templates (as shown in Figure 3) by creating a new configuration profile.
Note: To verify the applied configuration in Mozilla Firefox, simply navigate to about:policies.
Managing and configuring any remaining browsers
Besides Microsoft Edge, Google Chrome and Mozilla Firefox, there are many other browsers. And many of those provide management and configuration capabilities. Browsers like Chromium, Brave, and Vivaldi, are all provided with Group Policy configuration capabilities. From a Microsoft Intune perspective, that brings the same configuration options to those browsers, as for Mozilla Firefox. When browsers don’t provide similar options, it gets more challenging. In that case, it really depends on what configuration options that browser does bring to the table. In the end, local configurations can also still be scripted.
For more information about managing and configuring browsers, by using Microsoft Intune, refer to the following docs.
- Create a policy using settings catalog in Microsoft Intune | Microsoft Learn
- Import custom and third party partner ADMX templates in Microsoft Intune | Microsoft Learn
- Use ADMX templates on Windows 10/11 devices in Microsoft Intune | Microsoft Learn
- Learn about Windows security baselines you can deploy with Microsoft Intune | Microsoft Learn
- Manage Chrome browser with Intune Settings Catalog (Windows) – Chrome Enterprise and Education Help (google.com)