Deploy the ConcealBrowse extension to Edge on Windows 10+ using Intune Deploy the ConcealBrowse extension to Edge on Windows 10+ using Intune
  1. Conceal
  2. ConcealBrowse™
  3. Deployment

Deploy the ConcealBrowse extension to Edge on Windows 10+ using Intune

Description

Deploy the ConcealBrowse extension to Microsoft Edge on Windows 10+ endpoints seamlessly with Microsoft Intune.

Applies to

  • Microsoft Intune
  • Microsoft Edge version 77 and newer
    • Windows must be joined to Active Directory or Azure Active Directory
  • Microsoft Windows 10+

Pre-requisite: ConcealBrowse administrative template

Check if the ADMX templates have been imported

  1. In your web browser, log in to the Microsoft Endpoint Manager admin center
  2. On the left, click Devices. Then under the Policy section click Configuration Profiles
  3. While in Configuration Profiles, click the tab labeled Import ADMX
  4. Verify that Windows.admx and ConcealBrowse.admx appear and have a status of Available
    1. If they are all available, you may skip to either Procedure for Normal Installation (users can disable) or Procedure for Enforced Installation (users cannot disable)
    2. If they are not available, continue to the next step below.

Download ConcealBrowse ADMX files

  1. Download the ConcealBrowse.admx and .adml files attached to this article
  2. Note the download location of the files for the import step

Download Windows ADMX files

  1. Navigate to the official Microsoft ADMX templates for Windows 10+ here
  2. Download and run the MSI file which extracts the ADMX files
  3. On step 3 note the path to where the files are extracted, this will be used for the import step
    1. The default location tends to be: C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2022 Update (22H2)\PolicyDefinitions

Import the ADMX templates

  1. In your web browser navigate to the Microsoft Endpoint Manager admin center.
  2. On the left click Devices. Then under the Policy section click Configuration Profiles
    Config_Profiles_2.png
  3. While in Configuration Profiles, click the tab labeled Import ADMX
  4. NOTE: You must upload the windows.admx and windows.adml files before ConcealBrowse.admx. If not, the error message "ADMX file referenced not found NamespaceMissing:Microsoft.Policies.Windows. Please upload it first." is displayed.
  5. To import the Windows.admx and Windows.adml files:
    1. Click Import

    2. Select the ADMX file found at .../Windows.admx

    3. Select the ADML file found at .../en-US/Windows.adml

    4. Click Next

    5. Click Create

  6. To import the ConcealBrowse.admx and ConcealBrowse.adml files:
    1. Click Import
    2. Select the ADMX file found at .../ConcealBrowse.admx
    3. Select the ADML file found at .../ConcealBrowse.adml
    4. Click Next
    5. Click Create
  7. Verify the ADMX templates have successfully loaded by refreshing the Import ADMX list and verifying the Status is Available for all templates.

Procedure for Normal Installation (users can disable)

  • In the Microsoft Endpoint Manager admin center, click Devices > Windows > Configuration profiles
  • Click Create Profile
  • In Platforms, select Windows 10 and later
  • In Profile type, select Templates
  • Click Administrative templates
  • Click Create
  • Enter a configuration name, such as Microsoft Edge - ConcealBrowse
  • Click Next
  • Configure the browser based on the Edge Settings Guide below
  • Click Next
  • Select any applicable Scope Tags
  • Click Next
  • Select any applicable Included groups and Excluded groups, and respective Filters. We recommend starting with a small test group to verify the settings work as intended
  • Click Next
  • Click Create

Procedure for Enforced Installation (users cannot disable)

Use the Procedure for Normal Installation and within the "Extension management settings", edit the installation_mode from normal_installed to force_installed

Edge Settings Guide

Required Setting

"Configure extension management settings"

  • Path: Computer Configuration\Microsoft Edge\Extensions\Configure extension management settings
  • Toggle: Enabled
  • Value:
  • { "jmdpihfpelphmllgmamebdbelmobjfpg": {  "installation_mode": "normal_installed",  "toolbar_state": "force_shown",  "update_url": "https://clients2.google.com/service/update2/crx" }}

"Microsoft Edge, ConcealBrowse Company ID"

"Microsoft Edge, ConcealBrowse Site ID"

Recommended Settings

"Configure InPrivate mode availability"

  • Conceal Recommends because extensions cannot be enforced for InPrivate mode (STIG Medium)
  • Path: Computer Configuration\Microsoft Edge\Configure InPrivate mode availability
  • Toggle: Enabled
  • Value: InPrivate mode disabled

"Enable guest mode"

  • Conceal Recommends because extensions cannot be enforced for Guest mode (STIG Medium)
  • Path: Computer Configuration\Microsoft Edge\Enable guest mode
  • Toggle: Disabled

References

Attachments

ConcealBrowse.admx (3 KB) ConcealBrowse.adml (2 KB)

Was this article helpful?

1 out of 1 found this helpful

Related articles

Articles in this section