Steps to deploy Microsoft Edge for Business with GPO
How to Deploy Microsoft Edge for Business with GPO
- Create a share folder with Everyone Read Only Access (Default Permission) in AVENTIS-AD01 Server
$Path = "C:\Applications";$ShareName = "Applications"
#Create a New Folder - Applications
New-Item -Path $Path -ItemType Directory
#New SMB Share
New-SmbShare -Name $ShareName -Path $Path
#Assign Full Access permission to Domain Administrator (Optional)
Grant-SmbShareAccess -Name $ShareName -AccountName "LAB\Administrator" -AccessRight Full
- Download MicrosoftEdgeEnterpriseX64.msi (Microsoft Edge for Business) and store it in C:\Applications
- Create a new GPO and link it to the OU where computer object located
#New GPO
New-GPO -Name "UAT-Computers" -Comment "UAT GPO for Computers"
#Link the GPO to OU
New-GPLink -Name "UAT-Computers" -Target "OU=Computers,OU=LAB,DC=LAB,DC=AVENTISLAB,DC=COM"
-
Enable Always wait for the network at computer startup and logon
Computer Configuration – Administrative Templates – System – Logon – Always wait for the network at computer startup and logon
The software installation just failed with the error message below if the above setting is NOT configured
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
-
Create a New Assigned Package in
Computer Configuration – Policies – Software Settings – Software Installation
Verification on Windows 10 1909 Machine
Microsoft Edge for Business will be installed after user restarted their machine
Check the event log to ensure that Edge for Business is deployed successfully
Get-WinEvent -LogName System -ComputerName AVENTIS-WIN10A | ? ProviderName -eq "Application Management Group Policy"
ProviderName: Application Management Group Policy
TimeCreated Id LevelDisplayName Message
----------- -- ---------------- -------
applied successfully.
3/10/2020 5:55:03 PM 302 Information The install of application Microsoft Edge from policy UAT-Computer succeeded.
3/10/2020 5:54:36 PM 301 Information The assignment of application Microsoft Edge from policy UAT-Computer succeeded.
GPO Template for Edge for Business
- Download GPO Template and extract it
- Ensure that Central Store for Group Policy Administrative Templates is configured in AD Domain Controller or refer to the link to configure it
- Copy the adm & adml files to PolicyDefinations Folder
- C:\Users\administrator.LAB\Documents\MicrosoftEdgePolicyTemplates\windows\adm\en-US\msedge.adm to \192.168.1.230\c$\Windows\SYSVOL\sysvol\LAB.AVENTISLAB.COM\Policies\PolicyDefinitions
- C:\Users\administrator.LAB\Documents\MicrosoftEdgePolicyTemplates\windows\admx\en-US\msedge.adml to \192.168.1.230\c$\Windows\SYSVOL\sysvol\LAB.AVENTISLAB.COM\Policies\PolicyDefinitions\en-US
- C:\Users\administrator.LAB\Documents\MicrosoftEdgePolicyTemplates\windows\admx\en-US\msedgeupdate.adml \192.168.1.230\c$\Windows\SYSVOL\sysvol\LAB.AVENTISLAB.COM\Policies\PolicyDefinitions\en-US
The GPO for Microsoft Edge for Business is ready
Change Default Search Engine to Google
Go to Computer Configuration – Policies – Administrative Template – Classic Administrative Template (ADM) – Microsoft Edge – Default Search Provider
- Enable the default search provider = ENABLED
- Default Search Provider Search URL = google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}ie={inputEncoding}
Force GPO to update in client machine with "gpupdate /force" and Microsoft Edge for Business will use Google as default search provider now
Bravo – Superb and straight forward..!