MSEndpointMgr

Meet your new browser – Microsoft Edge

Internet browsers have become more than just a means of accessing lines of HTML, JavaScript and CSS over the years. Today we use browsers to control core functions of our business, through portals into technologies including Azure, Office 365, AWS, Google Gsuite and many, many more. The one thing that has become apparent though over the past 10 years in particular, is the need to support multiple browsers for end-users. The personal choice of browser is not so much a cosmetic thing, but more so about functionality, and an apparent light feel to the browser. As we all know Internet Explorer ended up being beaten by many other upcoming browsers such as Mozilla Firefox and Google’s Chrome during this time.

Windows 10 – Edge

Microsoft introduced us to Edge in Windows 10, but by this time Chrome in particular had become the dominant browser. Organisations around the globe had adopted Edge due its leading technology support, multi platform support, and the fact it could be managed through group policy with ADMX templates being available. Microsoft Edge had an uphill battle against the now established leader and unfortunately it quickly became a much unloved addition. In my experience working with customers around the globe, they had two views on the world, the first was maintaining Internet Explorer 11 for legacy systems and then running Chrome for everything else. Microsoft had to rethink its strategy if it wanted to deliver a corporate browser that was feature rich and attempt to lure users back to their browser.

Introducing the new “Microsoft Edge”

Released on January 15th 2020, Microsoft Edge marks a new departure for Microsoft.

The browser is the first to be developed on top of the underlying engine of Google Chrome, known as Chromium. So this was more than just a mere change in icon, this was a completely new browser, not something that was bolted on top of the existing and unloved Edge, but something that people were already used to, but this time in a Microsoft skin and with some enhancements from the maker of the underlying OS.

Having been an early adopter of the browser running the canary (dev) build, I was waiting in anticipation of the release date as it meant that clients would now have a native Microsoft browser that truly worked, not that there was anything wrong with Chrome. So know that Edge has gone to general release / aka “stable” build, how can we deploy and manage the new browser?

Deploying Microsoft Edge

If Microsoft are doing one good thing today, it is getting their individual product teams to talk to each other (well actually I think it is doing a lot of things right.. but for the purpose of this article). This is no more apparent than the levels of integration we see with the Configuration Manager and Endpoint Manager (Intune) product teams, which of course makes sense. I mean where better else can you have mass deployment of your new shiny version of Office or Edge, than through the management solution which is running on them.

Configuration Manager

Edge support was introduced in Configuration Manager 1910, native in the console, just like Office 365 C2R. In the Software Library blade you will notice the addition of Microsoft Edge Management.

  • Open the Microsoft Endpoint Configuration Manager console and click on the “Software Library” blade
  • Here if you right click you have the option to create a new “Microsoft Edge Application“;

  • We now can specify a name for the application and of course we need provide the path to the storage path used to download and package the application from;

  • Now we can select the channel for Edge, typically this is going to be the “Stable” channel for your end users, but you can of course provision “Beta” or “Dev” to your test users as you see fit;

  • In the next few screens we will do the usual, selecting the Distribution Points, whether the application is required or available, etc
  • At this point you can now confirm all of your settings;

  • Clicking Next and then Close on the wizard we can then see the new Edge available in your Applications list;

  • Looking into the properties of the app we can see that both x86 and x64 are catered for, along with the installation command (which are in the form of a PowerShell wrapper), detection method, and the supported OSes.
  • Going back to the properties you will notice that there is no icon set for the application. If like me you like the Software Center to appear as you would expect any other app store to appear, you can select an icon to use. You can of course browse to the EXE and obtain the icon, however you are better to find an alternative PNG file, which usually will look much better;

Upon installing the new Edge browser, it will automatically remove the previous in-build Windows 10 version. You do have the option to keep the old version using the following registry setting, however, you must specify this prior to installing the new version;

  • Key: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate
  • Value Name: Allowsxs
  • Value Type: ‘REG_DWORD’
  • Value: 00000001

More details on running the two Edge browsers side by side can be found here – https://docs.microsoft.com/en-au/deployedge/microsoft-edge-sysupdate-access-old-edge

Endpoint Manager / Intune

To deploy Edge in Endpoint Manager, we have the option of using a new in-built application. Simply follow the below steps and then assign the application as required;

  • Open the Endpoint Manager admin center (https://devicemanagement.portal.azure.com) or the Azure Admin Portal and use the Intune blade
  • Go to Apps and then Add a new App
  • Underneath “Microsoft Edge, version 77 and later” select the “Windows 10 (Preview)
  • You should now have a screen similar to the one below;

  • On the next screen you can select the channel to deploy. The stable release again would be used for general deployments;

  • Stepping through to the end we are presented with a summery of the settings, then all you need to do is assign the app;

Managing Edge

The temptation to start firing out Edge to your end users must not get in the way of managing the browser of course. The usual suspects apply here, group policy if you are managing devices on-premise or Intune MDM profiles if you are managing devices through the cloud.

Group Policy

Microsoft provide up to date administrative templates (aka ADMX files) from the following URL – https://www.microsoft.com/en-us/edge/business/download. Contained within the cab file that is downloaded you will find the usual ADMX and ADML files to add to your central store;

MSEdge.ADMX
MSEdgeUpdate.ADMX

Once added, you can obviously go ahead and configure the settings you desire inside a new or existing GPO. Below we have an example of settings applied to set the default search provider as Google;

Opening Microsoft Edge and performing a search then results in Google’s search engine being used;

Repeat the process for all other search methods, using the examples contained within the group policy settings;

Endpoint Manager /Intune

For management of Edge in a cloud managed world we use the the Administrative Templates profile type. In the below we will talk through configuring the default search provider to be Google as we did in the GPO example;

  • Go back to the Endpoint Manager admin center
  • Go to Devices and Create a Configuration Profile
  • Provide a name, select “Windows 10 and later” as the platform, and select “Administrative Templates” as the type;

  • Selecting “Edge version 77 and later” will display all of the settings for the new Edge browser
  • Now lets enter “Search” in the search field to display the browser search options;

  • Edit the “Default search provider search URL“, select enabled and enter the following;

    {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}ie={inputEncoding}

  • Edit the “Default search provider URL for suggestions“, select enabled and enter the following;

    {google:baseURL}complete/search?output=chrome&q={searchTerms}

  • Edit the “Parameters for an image URL that uses POST“, select enabled and enter the following;

    encoded_image={google:imageThumbnail},image_url={google:imageURL},sbisrc={google:imageSearchSource},original_width={google:imageOriginalWidth},original_height={google:imageOriginalHeight}

  • Edit the “Specifies the search-by-image feature for the default search provider“, select enabled and enter the following;

    {google:baseURL}searchbyimage/upload

The browser should now be set to use Google for your normal search methods, not of course that you don’t want to use Bing.

Legacy Compatibility

One of the issues with Google’s native chrome was around legacy sites, those which still work with older browsers such as Internet Explorer only. Microsoft have catered for this in the new Edge with simple solutions, such as redirection of all intranet traffic to IE11;

Furthermore we also still have the ability to specify an Enterprise site list;

Blocking the new Microsoft Edge

For organisations who wish to block the roll out of the new browser, for testing or other reasons, Microsoft provides documentation on how to achieve this at the following doc site – https://docs.microsoft.com/en-au/deployedge/microsoft-edge-blocker-toolkit 

Conclusion

Microsoft have listened to their customers here, re-building Edge from a foundation that the majority of users had moved to with Google’s own branded browser, but also adding those features that are still useful for management of the browser. Deploying Edge to replace the existing version in many organisations is probably the first entry point, as it offers far more functionality and allows end-users to have a good alternative before slowly enforcing a change in default browser.

So download it, package it, deploy it and test it. I’ve already switched, job well done Microsoft.

Maurice Daly

Maurice has been working in the IT industry for the past 20 years and currently working in the role of Senior Cloud Architect with CloudWay. With a focus on OS deployment through SCCM/MDT, group policies, active directory, virtualisation and office 365, Maurice has been a Windows Server MCSE since 2008 and was awarded Enterprise Mobility MVP in March 2017. Most recently his focus has been on automation of deployment tasks, creating and sharing PowerShell scripts and other content to help others streamline their deployment processes.

Add comment

Sponsors