Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Using Microsoft Group Policy to control access to Edge policies

Updated on November 10, 2022

Most enterprises use group policy to control which extensions can be run by the Edge browser. While you can add entries locally, it is best practice to specify these settings for your entire enterprise. This article discusses how to specify the following settings:

Installing the extension

Explicitly allow the Edge extension in the Group Policy Editor to use the Edge extension when you create or run automations in the Microsoft Edge browser. There are two ways that you can allow the extension:

  • Force install the extension -- Best practice is to force install the extension because that also enables the extension.

  • Add the extension to the Allow list -- If you add the extension to the Allow list, then end users must enable the extension when they open Edge.

Download and install the Administrative Templates for Edge for group policy before you allow the extension. Download the templates from the following website:

https://www.microsoft.com/en-us/edge/business/download

Force installing the Edge extension

Force install the Microsoft Edge extension when you create or run automations in the Microsoft Edge browser to install and enable the extension.

  1. In the Search box the Taskbar, enter Run.
  2. In the Run dialog box, enter gpmc.msc.
     
    Starting the Group Policy Management console
    Run dialog box
  3. In the Group Policy Management console, select Administrative Templates > Microsoft Edge > Extensions and enable Control which extensions are installed silently.
  4. In the Control which extensions are installed silently dialog box, add an entry to the update.xml file a value that includes the extension ID and the path to the update.xml file for the browser extension. The following is an example:
Software\Policies\Microsoft\Edge\ExtensionInstallForcelist\1 = iodegoagldeabbkcidchfdifcghijihb;file:///C:/Program Files (x86)/Pegasystems/Pega Browser Extension/BrowserExtensions/Edge/update.xml
  1. Installing the Pega Browser Extension creates the update.xmlfile in the Pegasystems/Pega Browser Extension/BrowserExtensions/Edge directory. You can complete this step before or after you set up the group policy setting.

 

Adding the Edge extension to the Allow List

Add the Microsoft Edge extension to the group policy allow list when you create or run automations in the Microsoft Edge browser to install the extension.

  1. From the Taskbar, enter Run.
  2. In the Run dialog box, enter gpmc.msc.
     
    Starting the Group Policy Management console
    Run dialog box
  3. In the Group Policy Management console, select Administrative Templates > Microsoft Edge > Extensions and enable Allow specific extensions to be installed.
  4. In the Allow specific extensions to be installed field, add a value with the extension ID. The following is an example:
Software\Policies\Microsoft\Edge\ExtensionInstallAllowlist\1 = iodegoagldeabbkcidchfdifcghijihb

 

Ensuring that the Edge extension can connect to the Messaging Host

If you use a Microsoft Group Policy Object (GPO) to control Edge policies, and you enable the Configure native messaging block list setting in the Native Messaging section to block all extensions, perform the following steps to provide Robot Studio and Robot Runtime with the access they need to function correctly.

  1. Start the Microsoft Group Policy Management Console.
  2. Select Computer Configuration > Administrative Templates > Microsoft Edge > Native Messaging
  3. In the Control which native messaging hosts users can use setting, add the messaging-host executable so that messaging host is not blocked. The following is an example:
Software\Policies\Microsoft\Edge\NativeMessagingAllowlist\1 = pega.web.chrome.messaginghost
  1. Save your changes and close the Group Policy Management Console.

What to do next: Enable the extension on each computer that you use to create or run automations.

  • Previous topic Using Microsoft Group Policy to control access to Chrome policies
  • Next topic Robotic Process Automations and screen locking

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us