Microsoft发布了组策略模板(Group Policy Templates)的预览版,它支持基于Chromium的(Chromium)新 Microsoft Edge Web 浏览器(new Microsoft Edge web browser)。组(Group)策略是自定义(Policies)Windows 11/10上已安装软件的行为的好方法。它主要由系统(System)管理员(Administrators)用于自定义计算机的配置。
(Group Policy Templates)Edge浏览器的组策略模板
值得注意的是,这些组策略模板(Group Policy Templates)仅提供英文版(English)(美国版),并非最终版本。随着发布普遍可用,它们将不断更新和修改为最佳版本。
1] 下载最新版本的组策略模板(Group Policy Templates)
您可以从Microsoft(Microsoft)官方服务器获取当前最新版本的组策略模板。(Group Policy)转到此处(Go here)并单击下载策略模板文件(Policy template file)按钮。
要让自己了解这些组策略模板(Group Policy Templates)开发的最新信息,请参阅docs.microsoft.com上的官方(docs.microsoft.com)Microsoft Edge文档页面。新的跨平台Edge可在Windows、macOS、iOS 和Android设备上运行。
2]将(Adding)这些组策略(Group Policy)模板添加到组策略编辑器(Group Policy Editor)
您下载的包将包含Windows 10和 macOS 的(Windows 10)组(Group) 策略(Policies)。将名为 windows 的文件夹提取到本地计算机。
打开组策略编辑器(Group Policy Editor)。右键单击(Right-click)计算机 Computer Configuration > Administrative Templates ,然后选择 Add/Remove Templates.
选择 添加 (Add )并导航到提取的 windows 文件夹内的以下路径:windows\adm\en-US
选择 msedge.adm
关闭 Add/Remove Templates… 对话框。
您现在将在以下路径下找到所有组策略:(Group Policies)
User Configuration > Administrative Templates > Classic Administrative Templates.
还包括一个HTML文件,其中包含为用户偏好编制索引的所有策略。
3]人们应该知道的事情
Microsoft做了以下说明,他们希望用户知道:
- 这是一个正在进行的工作。我们正在与您分享这份早期草案以征求您的反馈,但从现在到我们的最终版本之间,列表将发生变化,政策会根据反馈进行添加、删除或更改。
- HTML文件包括Mac和(Mac)Windows策略(Windows)。
- 不包括管理更新的策略;这些将在一个单独的管理模板文件中。
- 这些只有英语(English)(美国)。我们正在努力在最终发布之前本地化政策描述和文档。
新的组策略(New Group Policy)设置Microsoft Edge可用
Microsoft 现在有一个专门的页面(has a dedicated page),他们将在其中提供有关新功能和非安全更新的信息。在最新更新中, Microsoft Edge 稳定频道(Microsoft Edge Stable Channel)新增了 16 条策略。IT 管理员或管理员(Admin)用户可以手动下载Edge ( Chromium ) 的(Chromium)组策略(Group Policy)设置并将它们与现有策略合并。
要下载更新的管理模板(Administrative Templates),您必须转到Microsoft Edge Enterprise登录页面。在那里您可以选择通道或构建、平台,然后单击获取策略文件(Get Policy Files)链接。该链接位于下载按钮旁边,它将下载Edge浏览器。确保(Make)单击它旁边的链接以下载Group Policy Settings Edge。
它将下载需要在策略文件夹中提取的CAB文件或将msedge.admx 文件复制到PolicyDefinition文件夹中。
示例:%systemroot%sysvoldomainpoliciesPolicyDefinitions。
或者,您可以使用组策略编辑器导入 Microsoft Edge 模板。(Group Policy Editor to import the Microsoft Edge templates.)
以下是适用于稳定版 80的新 16 条策略列表(Version 80)
- AlternateErrorPagesEnabled –在找不到网页时建议类似页面。(Suggest)
- DefaultInsecureContentSetting –控制(Control)不安全内容异常的使用。
- DNS InterceptionChecksEnabled –启用DNS拦截检查。(DNS)
- HideFirstRunExperience – 隐藏(HideFirstRunExperience – Hide)首次运行(First-run)体验和闪屏。
- InsecureContentAllowedForUrls – 允许(InsecureContentAllowedForUrls – Allow)指定站点上的不安全内容。
- InsecureContentBlockedForUrls – 阻止(InsecureContentBlockedForUrls – Block)指定站点上的不安全内容。
- Legacy SameSite CookieBehavior Enable d –启用(Enable)默认的旧SameSite cookie 行为设置。
- LegacySameSiteCookieBehaviorEnabledForDomainList – 恢复(LegacySameSiteCookieBehaviorEnabledForDomainList – Revert)到指定站点上 cookie 的旧SameSite行为。
- PaymentMethodQueryEnabled –允许(Allow)网站查询可用的支付方式。
- PersonalizationReportingEnabled –通过向Microsoft发送浏览历史记录,(Microsoft)允许(Allow)个性化广告、搜索和新闻。
- PinningWizardAllowed – 允许固定(PinningWizardAllowed – Allow Pin)到任务栏向导。
- SmartScreenPuaEnabled –配置 Microsoft Defender SmartScreen(Configure Microsoft Defender SmartScreen)以阻止可能不需要的应用程序。
- TotalMemoryLimitMb – 设置(TotalMemoryLimitMb – Set)单个Microsoft Edge实例可以使用的兆字节内存限制。
- WebAppInstallForceList – 配置(– Configure)强制安装的Web 应用(Web Apps)列表。
- WebComponentsV0Enabled – 在M84(M84)之前重新启用Web Components v0 API。
- WebRtcLocalIpsAllowedUrls – 通过WebRTC管理本地 IP 地址的公开。
其中一些政策非常有趣
- DNSInterceptionChecksEnabled:可用于禁用DNS拦截检查。这些检查试图发现浏览器是否位于重定向未知主机名的代理后面。
- DefaultInsecureContentSetting:允许用户设置用户是否可以添加例外以允许特定站点的混合内容。如果您的网站同时提供安全和不安全的内容,则可以启用它。
Edge 团队还弃用了 NewTabPageCompanyLogo,(deprecated the NewTabPageCompanyLogo,)它允许 IT 设置新的标签页公司徽标。他们还解决了两个问题(resolved two issues)。一个解决了Citrix环境没有音频问题。其次(Second),Microsoft Edge和旧版Microsoft Edge的并行体验会导致旧版链接中断和崩溃。
我希望这些针对新Microsoft Edge Chromium浏览器的(Microsoft Edge Chromium)组策略(Group Policy)模板的发布对您有所帮助。
阅读(Read):
- 适用于 Windows 11 的组策略设置参考电子表格和 ADMX 模板
- 如何安装或更新组策略管理模板 (ADMX)(Install or Update Group Policy Administrative Templates (ADMX))。
Download Group Policy Templates for Microsoft Edge browser
Microsoft has released a preview version of Group Policy Templates that supports the new Microsoft Edge web browser based on Chromium. Group Policies are a great way to customize the behavior of an installed piece of software on Windows 11/10. It is mainly used by System Administrators to customize the configuration of computers.
Group Policy Templates for Edge browser
It is worth noting that these Group Policy Templates are only available in English (US version) and are not final. They will continuously be updated and modified to the most optimal version as the release is generally available.
1] Downloading the latest release of the Group Policy Templates
You can get the current latest release of the Group Policy Templates from the official Microsoft servers. Go here and click on the Download Policy template file button.
To keep yourself with the latest about the development of these Group Policy Templates, please refer to the official Microsoft Edge documentation page on docs.microsoft.com. The new cross-platform Edge runs on Windows, macOS, iOS and Android devices.
2] Adding these Group Policy Templates to the Group Policy Editor
The package that you download will contain the Group Policies for both Windows 10 and macOS.Extract the folder called windows to your computer locally.
Open the Group Policy Editor. Right-click on Computer Configuration > Administrative Templates and select Add/Remove Templates.
Select Add and navigate to the following path inside that extracted windows folder: windows\adm\en-US
Select msedge.adm
Close the Add/Remove Templates… dialog box.
You will now find all the Group Policies under the following path:
User Configuration > Administrative Templates > Classic Administrative Templates.
There is also an HTML file included that contains all the policies indexed for a user’s preference.
3] Things one should know
Microsoft has made the following notes that they expect a user to know:
- This is a work in progress. We are sharing this early draft with you for your feedback, but the list will change between now and our final release, with policies being added, removed or changed based on feedback.
- The HTML file includes both Mac and Windows policies.
- Policies for managing updates aren’t included; those will be in a separate administrative template file.
- These are only in English (US). We are working on localizing the policy descriptions and documentation before our final release.
New Group Policy settings Microsoft Edge available
Microsoft now has a dedicated page where they will provide information about new features and non-security updates. In the latest update, there are new sixteen policies that have been added to Microsoft Edge Stable Channel. IT admins or Admin users can manually download Group Policy settings for Edge (Chromium) and merge them with existing policies.
To download the updated Administrative Templates, you will have to go to the Microsoft Edge Enterprise landing page. There you can select the channel or build, platform, and click on Get Policy Files link. The link is next to the download button, which will download the Edge browser. Make sure to click on the link next to it to download Group Policy Settings Edge.
It will download a CAB file that needs to extract in the policy folder or Copy the msedge.admx file to the PolicyDefinition folder.
Example: %systemroot%\sysvol\domain\policies\PolicyDefinitions.
Or you can use the Group Policy Editor to import the Microsoft Edge templates.
Here is the list of new sixteen policies available for Stable Version 80
- AlternateErrorPagesEnabled – Suggest similar pages when a webpage can’t be found.
- DefaultInsecureContentSetting – Control use of insecure content exceptions.
- DNSInterceptionChecksEnabled – DNS interception checks enabled.
- HideFirstRunExperience – Hide the First-run experience and splash screen.
- InsecureContentAllowedForUrls – Allow insecure content on specified sites.
- InsecureContentBlockedForUrls – Block insecure content on specified sites.
- LegacySameSiteCookieBehaviorEnabled – Enable default legacy SameSite cookie behavior setting.
- LegacySameSiteCookieBehaviorEnabledForDomainList – Revert to legacy SameSite behavior for cookies on specified sites.
- PaymentMethodQueryEnabled – Allow websites to query for available payment methods.
- PersonalizationReportingEnabled – Allow personalization of ads, search, and news by sending browsing history to Microsoft.
- PinningWizardAllowed – Allow Pin to taskbar wizard.
- SmartScreenPuaEnabled – Configure Microsoft Defender SmartScreen to block potentially unwanted apps.
- TotalMemoryLimitMb – Set limit on megabytes of memory a single Microsoft Edge instance can use.
- WebAppInstallForceList – Configure a list of force-installed Web Apps.
- WebComponentsV0Enabled – Re-enable Web Components v0 API until M84.
- WebRtcLocalIpsAllowedUrls – Manage exposure of local IP addresses by WebRTC.
Some of these policies are very interesting
- DNSInterceptionChecksEnabled: It can be used to disable DNS interception checks. These checks attempt to discover whether the browser is behind a proxy that redirects unknown hostnames.
- DefaultInsecureContentSetting: Allows users to set whether users can add exceptions to allow mixed content for specific sites. If you have sites that serve both secure and insecure content, then you can enable it.
Edge team has also deprecated the NewTabPageCompanyLogo, which allowed IT to set a new tab page company logo. They have also resolved two issues. One resolved no audio issue with the Citrix environment. Second where Microsoft Edge and legacy Microsoft Edge side by side experience results in broken legacy links and crashes.
I hope the release of these Group Policy Templates for the new Microsoft Edge Chromium browser is helpful to you.
Read: