Use Registry to Manage Chrome for Domain Joined Workstations

  • by

Google Chrome do provide the ADMX / ADM file to be imported to AD for centralize managment with GPO. However, we do facing some difficultity in some of our client side, which we do not have sufficient Administrator Right to imported the Chrome Template and we have to use Registry to manage Chrome for Domain Joined Workstations

  1. Download Chrome bundle for Windows 64-bit
  2. Extracted the download zip file to C:\Temp and open the Chrome.reg in C:\temp\GoogleChromeEnterpriseBundle64\Configuration\examples
  3. You can see all the Registry Setting in the Chrome.reg and modify to suit your enviroment

How to set default homepage for Chrome

  1. Prepare the following PowerShell Script and configure it as Computer Startup Script in GPO
$Chrome = "HKLM:\SOFTWARE\Policies"
$ChromePath = "HKLM:\SOFTWARE\Policies\Google\Chrome"

if (Test-Path ($ChromePath)) {

    Write-Host "Registry Path Existed!!"
} 

Else {

    New-Item -Path $Chrome -Name "Google"
    New-Item -Path $Chrome\Google -Name "Chrome"

    New-ItemProperty -Path $ChromePath -Name "HomepageLocation" -PropertyType "String" -Value "https://AventisTech.com"
    New-ItemProperty -Path $ChromePath -Name "NewTabPageLocation" -PropertyType "String" -Value "https://AventisTech.com"

}
  1. User will be redirected to https://AventisTech.com when they open Chrome next time. However, it is recommended to manually reboot the PC to let the GPO to be applied immediately

Windows periodically refreshes group policy settings throughout the network. On client computers, this is done by default every 90 minutes, with a randomized offset of plus or minus 30 minutes. When you make a change to a group policy, you may need to wait two hours (90 minutes plus a 30 minute offset) before you see any changes on the client computers. Even then, some changes will not take effect until after a reboot of the computer.

Import Chrome ADMX to Centralize SYSVOL for All AD Domain Controllers

  1. Create PolicyDefinitions Folder in SYSVOL and copy all local PolicyDefinitions files to SYSVOL
#Create PolicyDefinitions Folder in SYSVOL - replace the Domain to your own domain
New-Item -Path C:\Windows\SYSVOL\sysvol\mylab.local\Policies\PolicyDefinitions -ItemType Directory 

#Copy local PolicyDefinitions to Central Location 
Copy-Item -Path C:\Windows\PolicyDefinitions\* -Destination C:\Windows\SYSVOL\sysvol\mylab.local\Policies\PolicyDefinitions
  1. Copy the Chrome ADMX & ADML file to SYSVOL
Copy-Item -Path C:\Temp\GoogleChromeEnterpriseBundle64\Configuration\admx\chrome.admx -Destination C:\Windows\SYSVOL\sysvol\mylab.local\Policies\PolicyDefinitions 


Copy-Item -Path C:\Temp\GoogleChromeEnterpriseBundle64\Configuration\admx\en-US\chrome.adml -Destination C:\Windows\SYSVOL\sysvol\mylab.local\Policies\PolicyDefinitions\en-US
  1. You should be able to see the Chrome Policy is availbe to be configured in GPO now

GPO-Chrome-01