Manage Google Chrome Update With intune
Hello, I’m reaching out because I’m trying to understand why my Google Chrome browsers are taking so long to update. I have deployed the ADMX/ADML templates and configured the required policies, but despite this, the update process works poorly. You will find attached some screenshots that may help ? Thanks PS : The update engine is always up to date, but the browser itself is not.
Find a way to block Incognito if specific extension isn't allowed in Incognito
Our product is for AI security and one of the main challenges we have is how do we make sure the extension will always run even in Incogntio mode. I'm talking about the Chrome browser. There is a flag that seems to be not supported MandatoryExtensionsForIncognitoNavigation while Edge do support this. This is very critical to us and I assume all enterprises that would like to keep Incognito mode but still keep security. If this is no an option can we at least have a formal way to check from command line if an extension is allowed in Incognito mode so we can disable Incognito for these users if our ext isn't allowed?Removing completely the Use AI mode from Google search widget.
Hi All, I'm trying to remove completly the option of AI mode in Google chrome. I was able to use these settings. AIModeSettings=1 GenAiDefaultSettings=2 How ever it doesn't remove the AI mode from the Google.com search bar that is inside the page. Any formal way to remove this option?
DnsOverHttpsTemplatesWithIdentifiers forcibly hashes all variables, making them useless
Hi folks, This post relates to a recent change in the DnsOverHttpsTemplatesWithIdentifiers setting, which appears to no longer allow for plaintext variables to be passed to the DNS-over-HTTPS resolver, and everything is now forcibly hashed, with no ability to turn this off and restore original behavior. While I understand the reason for this, when it comes to public DNS resolvers, this change now poses a major hindrance to end users who use private DNS resolvers, and WANT to pass plaintext identifying information (USER_EMAIL specifically) to the DNS-over-HTTPS resolver, so they can see who is responsible for the DNS traffic on the other end, in the Analytics and DNS logs that are streamed into the SIEM. Considering DNS payload is already encrypted (DOH is used) and the org admin wants to see the plaintext identifiers, this poses a major UX issue since now they cannot correlate activity easily, and requires creation of mapping files, and constant need to sync them out of band. Without this, you see useless hashes that don't serve a purpose. We feel there should be a setting that allows the admin of an organization to pass plaintext identifiers if they so choose to, as it poses no security issues for private DNS resolvers, over HTTPS. Are there any plans to restore this original behavior, or at least offer a setting to allow it to behave as it did before, and not hash these variables? Thanks
