Microsoft Edge Multiple Statup Pages (via GPO)

Microsoft Edge KB ID 0001818

Problem

Controlling Microsoft Edge with Group Policy is pretty straight forward, you just need to ensure the msedge.admx and msedgeupdates.admx files have been added to your policy definitions store in the right folders. If you have no idea what I’m talking about, see the following article.

Microsoft Edge on Server 2019/2016 (and Citrix)

Then you can deploy group policies to your server’s/client’s Microsoft Edge browsers.

Solution: Microsoft Edge ‘Start Pages’

Create a new GPO (or edit an existing one) that’s linked to your target COMPUTERS OU > Navigate to.

[box]

Computer configuration > Policies > Administrative Templates > Microsoft Edge > Sites to Open When the Browser Starts

[/box]

Enable the policy > Show > Enter the URLs you want to open line by line > OK > Exit the group policy editor.

Then wait, or force a policy update to test.

Related Articles, References, Credits, or External Links

NA

Edge View Certificate Information

Edge View Certificate Information KB ID 0001815

Problem

Not sure why, but I spend a large amount of time working on certificate problems, being asked questions about certificates, or fixing certificate problems. For certs that are web presented, back in the days of IE I could simply do this.

For those sniggering at my IE use – I typically work on client’s sites where I can’t go round installing browsers that are not terrible! Now that was all fine, now we (finally have got rid of IE (mostly)). How do I do the same with Edge?

I was losing my temper trying to fix my test Exchange server certificates today. Because I could not find the same information with Microsoft Edge. As it transpires the information is there, Microsoft have just done their best to hide it!

Edge View Certificate Information: Solution

You need to click the ‘padlock’ > Connection is Secure > Then click the small Icon at the top > the certificate details are then displayed on two tabs, the information is not as well formatted as it used to be, but it’s all there.

 

 

Related Articles, References, Credits, or External Links

NA

Microsoft Edge on Server 2019/2016 (and Citrix)

KB ID 0001657

Problem

In a fit of lunacy Microsoft have called ‘their’ new browser Microsoft Edge, so we can spend the next few months confusing it with Edge. Plus every Google search for GPO settings, error messages etc will all now show search results for the old Edge Browser not the new Microsoft Edge browser! Perhaps the same doofus at Microsoft who called the Exchange sync Active Sync when Microsoft already had a product called Active Sync was involved?

Anyway I got a request from a client this week to have Microsoft Edge on their Citrix environment, there was some confusion (imagine that), because Edge does not work on server 2016, (and it’s not shipped as part of server 2016), but would Microsoft Edge work?

Installing Microsoft Edge on Server 2019/2016 (With IE11)

Why is Internet explorer still alive? Anyway If you want to install Edge on a modern Windows server firstly ensure you are fully up to date with updates! Then open IE. Internet Options > Security > Custom > Scripting > Enable Active Scripting > OK > Yes > Apply > OK.

 Then go to https://www.microsoft.com/en-us/edge/business and install it manually.

Microsoft Edge on Server 2019/2016

The first test was, ‘would it run on Server 2016’, it detected the OS as Windows 10 (unsurprisingly), and installed fine;

Microsoft Edge on Remote Desktop Services

Well Citrix is really just Remote Desktop Services in a leather jacket, so the next test was,’ would it work in RDS?’ I span up an RDS farm on the bench, and was pleased to see I could select Microsoft Edge as a RemoteApp, (not that I needed to deploy it using RemoteApp, but it being detected was promising).

And in an RDS session it worked faultlessly.

Deploy Microsoft Edge on Citrix (Server 2016)

Here’s where we had a problem, it installed fine, but every time I went to open it, all I got was a ‘white screen’ for about 5 minutes, after this it burst into life, which I couldn’t really ask the client to put up with!

As this was happening when I launched the browser I ‘wrongly’ assumed it was a ‘first run‘ problem (for the uninitiated, previous Microsoft browsers got an annoying ‘how do you want to set the browser up’ routine, then finally dumped you on the MSN webpage, (does anyone actually use the MSN webpage?) While it didn’t cure my problem it’s worth mentioning how I stopped the first run dialog happening);

Controlling Microsoft Edge with Group Policies

If you are used to importing ADMX and ADML files then this will be a breeze to you. If you are really interested I cover the subject in great deal in the following post;

Setup up a Central ‘PolicyDefinitions’ Store (for ADMX files)

Essentially download the latest msedge.adml and msedgeupdate.adml files and (on a Domain controller,) copy them to;

[box]

C:\Windows\SYSVOL\{domain-name}\Policies\PolicyDefinitions\en-US

[/box]

Note: Other Input locales are available, my servers are using English (US).

Then copy the msedge.admx and msedgeupdates.admx files to;

[box]

C:\Windows\SYSVOL\{domain-name}\Policies\PolicyDefinitions

[/box]

Microsoft Edge Stop ‘First Run’ With Group Policy

The two policies I used are both located at;

[box]

Computer configuration > Policies > Administrative Templates > Microsoft Edge

[/box]

Microsoft Edge: Stop Importing of Bookmarks/Favourites

Locate: ‘Automatically import another browser’s data and settings at first run‘ > Enable the policy, and select ‘Disable automatic import and the import section of the first run experience is skipped‘ > Apply > OK.

Microsoft Edge: First Run

This will disable the entire first run dialog;

Locate: ‘Hide the First-run experience and splash screen‘ > Enable the policy > Apply > OK.

Then either wait or force a policy refresh.

Deploy Microsoft Edge on Citrix

As it was working in RDS and not working on Citrix, then the problem was probably Citrix*. Citrix is one of my weaker subjects, so credit for the actual fix should go to my colleague (Dan Brookes). 

*After I had discounted existing group policies, and other installed applications.

Running Microsoft Edge while it was ‘hanging’ and looking at what was going on in ‘Process Monitor’ showed a lot of hook64.dll entries;

This pointed to the culprit, open the registry Editor (regedit) and navigate to;

[box]

HKEY_LOCAL_MACHINE > System > CurrentControlSet > Services > CtxUvi

[/box]

Locate the UviProcesExcludes REG_SZ value, edit it and add ‘msedge.exe;‘ to the end.

Theres probably one service you can restart, but I simply rebooted the server, (problem solved).

FSLogix and Microsoft Edge

If you are running FSLogix you should also add an ‘exclusion’ to the Redirections.xml file, (located in your \\{domain-name}\NETLOGON folder).

[box]

<Exclude>AppData\Local\Microsoft\Edge Dev\User Data\Default\Cache</Exclude>

[/box]

 

Related Articles, References, Credits, or External Links

Microsoft Edge (macOS) Migrate Bookmarks from Safari

Outlook URL Shortening?

KB ID 0001735

Problem

Outlook URL: I first noticed this a few weeks ago, When copying and pasting a URL into an email it shortens the URL and  gives it the pages title. At first i thought my firms Devs had changed  the way our CRM works, but then  I noticed it happening with SharePoint URLs as well, this is  what I mean;

I don’t have a problem with it, in fact I much prefer it! However I got an email this morning from someone asking how to turn it off.  As it transpires it has nothing to do with Outlook at all.  It’s a feature of the Microsoft Edge browser.

Outlook URL Shortening is Really Microsoft Edge 

Within Microsoft Edge > Preferences > Share, Copy, and Paste > Select your preference, if you want  to disable this feature select ‘Plain Text’

And now the actual URL will be posted.

Related Articles, References, Credits, or External Links

NA

Microsoft Edge (macOS) Migrate Bookmarks from Safari

KB ID 0001641

Problem

So now theres a version of Microsoft Edge for macOS! Normally I would not bother, but I spend a lot of time in SharePoint and Azure so I thought, rather than my usual approach of playing ‘Browser Roulette’ I’d try Microsoft Edge and see what it was like.

My usual browser of choice is Safari, but the install wizard defaults to wanting to import bookmarks / favourites* from Chrome. (I do also have Chrome, but I don’t use it often!)

*Note: Wow! Microsoft have spelled Favourites correctly for once!

So how to get my Safari Bookmarks?

Solution

Firstly Edge needs full disk access to get the bookmarks > Apple Logo > System Preferences > Security & Privacy > Privacy > Full Disk Access > ‘UNLOCK’ > Tick Microsoft edge.

Launch Edge > {ellipses} > Settings > Import Browser Data > Select ‘Safari’ > Import.

So now they are there, but they look like a ‘bag of spanners’ all my neat folders have been moved into another folder called ‘Imported from Safari”.

From ‘Manage Favourites’, you can drag everything to where you want it.

Related Articles, References, Credits, or External Links

NA

Microsoft Edge Can’t Be Opened Using The Built-In Administrator Account

KB ID 0001096 

Problem

Not only the built in administrator account, if you try and open Microsoft Edge whilst logged in as the Domain Administrator you will also see the same error message.

To be honest this is a good thing, you shouldn’t be doing something potentially dangerous like going on the Internet as the administrator anyway. However for my test Windows 10 machine on the bench I’m not really bothered, I just want it to work,

Solution

Enable Microsoft Edge for Administrators (one machine)

1. From the Start/Run menu type and execute secpol.msc (local security policy editor).

2. Navigate to;

[box]Security Settings > Local Policies > Security Options > User Account control: Admin Approval Mode for the Built-in Administrator account[/box]

3. Set the policy to ‘Enabled’ >Apply > OK.

4. Reboot.

5. Boom! There it is.

Enable Microsoft Edge for Administrators (Multiple Domain Machines via GPO)

Warning: With great power comes great responsibility, if you have some test machines in one OU and you want to do this for them, thats fine. But REMEMBER this setting is a good thing DO NOT go linking this GPO to the root of your domain!

1. On a DC or a machine with the RSAT tool installed, Launch Group Policy Editor. Create a new GPO or edit and existing one.

2. Navigate to;

[box]Computer Configuration >Policies > Windows Settings > Security Settings > Local Policies > Security Options > User Account control: Admin Approval Mode for the Built-in Administrator account[/box]

3. Set the policy to ‘Enabled’ > Apply > OK.

4. Close the Group Policy Management Editor. If you have a Windows 2012 domain you can force the policy refresh on a particular OU, or simply run ‘gpupdate /force’ on the target machine, (or you could also wait a couple of hours, or simply reboot the target machines).

Enable Microsoft Edge for Administrators (one machines via the registry)

‘Home’ editions of windows have local policy editing options, for those you will have to edit the registry directly.

1. Open regedit.

2. Navigate to;

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft >Windows > CurrentVersion > Policies > System[/box] Locate and set the value of ‘FilterAdministratorToken’ (Note: You may need to create the 32-bit DWORD,) to 1.

3. Navigate to;

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Policies > System > UIPI[/box]

Locate and set the value of ‘(Default)’ to 1.

Related Articles, References, Credits, or External Links

NA