Google Chrome Leverages Active Directory for Centralized Deployment and Management

1 of 9

Google Chrome Leverages Active Directory for Centralized Deployment and Management

by Andrew Garcia

2 of 9

MSI Installer

The new Chrome MSI installer package can be deployed using standard windows management software, like Active Directory Group Policy.

3 of 9

Install at Reboot

After creating a Group Policy-based installation rule, I issued a policy refresh (above). Chrome installed successfully after the next client reboot.

4 of 9

Rip and Replace

The new installation recognizes and removes any pre-existing versions of Chrome installed within user profiles. The users bookmarks and passwords are migrated to the new instance.

5 of 9

Administrative Templates

Google offers both ADM and ADMX versions of the Chrome Administrative Templates, which can be used to centrally configure Chrome behavior. Each kind of template includes 36 different policies at this time.

6 of 9

Create GPO and Link

To apply Chrome policies, I created a new OU (Organizational Unit) in Active Directory, moved the managed clients to that container, then created a new Group Policy which I applied to the container.

7 of 9

Changing Search Provider

Administrators can change the default search provider in Chrome. Here I set the policy to use Bing instead of Google (top), allowing me to search from the link bar (middle).

8 of 9

Blocking Extensions

Administrators can easily issue a blanket blacklist to deny users the ability to install browser extensions. Blacklisting individual extensions requires more work—finding the extension ID (top left) and creating the blacklist policy (top right). At bottom, the policy is enforced.

9 of 9

Password Controls

By policy, I could allow or deny the ability for the browser to offer to save passwords. When allowed, I could further block the users ability to see saved passwords in clear text. The circle (left) shows where the option would exist, sans blocking policy.

Top White Papers and Webcasts