Today’s post will be about autoinstallation of browser extensions uBlock origin and Privacy Badger viaGPO for Firefox, Edge and Chrome. We will use administration templates for GPO – known as ADMX. Maybe in the future will show you how to migrate this policy to Intune.
Policy templates
In case in your environment there is no administration templates for that browsers, first you need to download it.
Below you will find links to ADMX for specified browsers.
Firefox: https://github.com/mozilla/policy-templates/releases
Edge: https://aka.ms/EdgeEnterprise
Chrome: https://chromeenterprise.google/browser/download/#manage-policies-tab
Files with templates needs to be copied to:
Policy creation
After you will import template files you will see additional folders with configurations of browser settings.
Firefox
First will configure Firefox. Go to subtree with FF configurations.
Here we will need direct links to extensions from mozilla sites. You can can just copy it.
1 2 |
https://addons.mozilla.org/firefox/downloads/file/1672871/ublock_origin-1.18.4-an+fx.xpi https://addons.mozilla.org/firefox/downloads/file/1688114/privacy_badger-2019.2.19-an+fx.xpi |
In addition you can also modify setting for preventing from remove and disable extensions.
Here put below entries.
1 2 |
uBlock0@raymondhill.net jid1-MnnxcxisBPnSXQ@jetpack |
Edge
To configure EDGE extensions go to subtree with Edge settings. Then go to Extensions and there put ID of our extensions. In our case it will be like that:
1 2 |
odfafepnkmbhccpbejgmiehpchacaeak mkejgcgkdlddbggjhhflekkondicpnop |
in GPO editor it looks like that:
Chrome
In case of Chrome configuration looks like in the picture. We have to change setting “configure the list of force-installed apps and extensions” and over there put the values below.
1 2 |
cjpalhdlnbpafiamejdnhcphjbkeiagm;https://clients2.google.com/service/update2/crx pkehgijcmpdhfbdbbnkijodmdjhbjlgp;https://clients2.google.com/service/update2/crx |
First value is ID of extension and second is update server. ID of extension you can see after manual installation in settings.
GPO configuration looks like that.
Now just link the policy to proper OU.