Device Advice

Teaching you how to be a device management expert

Deploy and manage the new Chromium Edge with Intune!

by · December 13, 2019

If you haven’t had a chance to use the new Edge, you’re really missing out. Other than being Microsoft’s browser strategy going forward (a good enough reason to try it out), it has a ton of great features like AAD Account integration, PDF markup, ARM support, etc. And it already has enterprise management capabilities! Let’s take a look.

Over in the new Microsoft Endpoint Manager admin center, click on Apps > All Apps > +Add:

Apps pane

And you’ll see that Edge has its own category now:

Select Windows 10 (preview) under Microsoft Edge. Under the App information, I wrote the platform in the title (since you can also deploy to MacOS). I also selected the Beta channel under App settings.

Edge – Information
Edge App settings

Click add and you’re done! I’ll also go ahead and assign it to my Intune Users group as required.

Assignments

Perfect! So what about managing configuration for the new Edge?

On the left hand side, click Devices > Configuration profiles > + Create profile.

Configuration profiles

Select Windows 10 and later and Administrative Templates. I’ve named my profile Windows 10 – Administrative Templates – Edge.

Create profile screen

And then in the dropdown, you’ll notice that Edge has it’s own category again! Select Edge version 77 and later.

Administrative Templates settings

And here we have 17 pages of settings. I went ahead and enabled 4 policies: Configure Internet Explorer integration (which we should be using the Enterprise Mode IE website list with, but you can also send all intranet sites to IE), Send all intranet sites to Internet Explorer, Configure Microsoft Defender SmartScreen, and Configure Microsoft Defender SmartScreen for Trusted Downloads.

All Microsoft Edge Policy settings
Configure Internet Explorer integration
Send all intranet sites to Internet Explorer
Configure Microsoft Defender SmartScreen
Configure Microsoft Defender SmartScreen for trusted downloads

And once I’ve configured the settings I’ll go ahead and assign it to my Intune users group.

Assigning profile

Quick note – if you run into issues, double check if your Windows version requires a KB to apply ADMX templates:

Required KB for Edge ADMX

Great! Now on a (newly provisioned) virtual machine, let’s take a look at those settings:

Intune managed device

Once you open Edge, it prompts to sync the AAD account you’re logged in to Windows with:

First launch of Edge

Then if you click the , you’ll notice Managed by your organization at the bottom. The policies have synced!

Managed by your organization

If you click that option, you’ll be presented with a blurb on Edge management, and can dig in a bit deeper to see which policies are applied.

edge://management
edge://policy

Now we’ve deployed and managed the new Edge. The user experience is great and the Enterprise management capabilities are all there. Happy deploying!

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *