According to statistics, the most popular browser today is Google Chrome, but its position in corporate networks is not too strong. Many administrators are not widely introducing or using Google Chrome because it is quite difficult to manage and update it centrally. In this article we’ll get acquainted with the administrative templates of group policies, provided by Google, that allow to manage Chrome settings centrally and make it easier to deploy and use this browser in corporate networks.
The administrative templates of the GPO for Google Chrome are deployed as follows:
- Download and unpack an archive with ADM/ADMX templates of Group Policies for Google Chrome ( http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip).
- There are two types of group policy templates for Windows OS in the archive: ADM and ADMX (the latter is supported in the OS since Windows Vista / 2008 and above).
- Copy the files of an administrative template to the directory where they are to be stored. If you want group policy templates to be localized, don’t forget to copy the corresponding template file.
- Suppose, we are going to use the ADMX format of the GPO template and centralized domain storage of policies. Copy chrome.admx file and localization directories to \\woshub.loc\SYSVOL\woshub.loc\Policies\PolicyDefinitions
- Open the Group Policy Management Console (gpmc.msc) and switch to editing any existing policy (or creating a new one). Make sure that both in User and Computer sections of Policies->Administrative Templates there appeared a new Google folder containing two subsections: Google Chrome and Google Chrome – Default Settings (users can override).
So, we have installed GPO templates for Google Chrome browser. As we have told earlier, the new GPO section contains two subsections: Google Chrome and Google Chrome – Default Settings (users can override). The difference between them is that the settings of the latter section of policies can be changed by users in the browser settings on their computers. The settings of the first section are fixed and even the local administrator won’t be able to change them in the browser.
These administrative templates contain about 260 of different manageable Google Chrome settings.
It doesn’t make any sense to consider all of them, we’ll only demonstrate basic Chrome settings that are often to be configured in a corporate environment.
Let’s configure a proxy server: we are interested in the following policy section Google Chrome -> Proxy Server
- proxy server address: ProxyServer – 192.168.123.123:3128
- an exception list for proxy: ProxyBypassList – http://www.woshub.local,192.168.*, *.corp.woshub.local
Locate a home page: Home page -> HomepageLocation – http://woshub.com/
Change the location of the download folder:
Set download directory: c:\temp\Downloads
Apply the group policy to a client by running the command
Run the browser on the client and make sure that the GPO settings have been applied to its settings (in this screenshot, a user can’t change the values set by the administrator).
To display all settings, set by the group policies directly in the Chrome, go to the address Chrome://policy.