So you hate yourself or you work in a big company. Either way, you will probably have to set up Intune at some point (assuming you use cloud-based solutions). Here's how to install Chrome and how to install Chrome extensions with Intune
Start by heading to the chrome enterprise download center and download the chrome MSI package
Get the Intune Content Prep Tool from here and download the
After the file is downloaded move it to a separate folder. In the folder create a folder named
Dest and one named
Source. Now take the MSI file from google and move it to the Source folder.
Now your file structure should look something like this
Open IntuneWinAppUtil and put the entire path to the Source folder
You can easily get the entire path by going to your file explorer and clicking on the path field (where the arrow is pointing in the reference image below)
Now it will ask you for the setup file. Take the full name of the MSI file (including the file extension) and past that in
Then proceed to specify the output folder. So far your terminal should look like this
It will then ask you if you want to specify catalog folder put
After all, is done hit enter and let the software do its job
Now in the Dest folder, you should see a file called
All that's left now is adding it to intune.
Open Intune > Apps > Add > Win32
Proceed to upload the .intunewin file found in the Dest folder
Fill out the app information click next. Then click next again
Under requirements select Operating system architecture and check off the 64-bit box
And then select the minimum operating system
Then click next.
Under step 4 select manually configure detection rules and then click next
When it comes to dependencies you don't need any so click next again and again
Then under step 7 select the groups you wish to install chrome to. For me, I'll be putting it under All devices
And then create it
Now intune will upload and take care of chrome. Wait a couple minutes and let it finish (you will see a notification in the top right)
Now extensions are an even bigger pain. There are a couple ways of doing it but here we'll be doing it using ADMX Configuration policies.
Head on back to the chrome download center and move over to policies
Move from Windows to Manage Policies and download the ADMX Policy template
Unzip the zip folder it gives you and then move to the following directory
policy_templates > windows > admx
Take the contents of chrome.admx and copy them for later.
Now head back to Intune and create a new configuration profile and use the custom template
Name the first profile Chrome - ADMX Ingestion
Then add a new OMA-URI row
Name the row
ADMX Ingestion and set the OMA-URI to
Set the data type to
string and paste the contents you copied earlier from chrome.admx
Click next and assign it to the devices you want and click next then review + create.
Now we have to create a new custom profile and name it
ADMX Config Now create a new row again and name it
ExtensionInstallForcelist with the OMA-URI
As for the string put in the following
<enabled/> <data id="ExtensionInstallForcelistDesc"value="1ppnbnpeolgkicgegkbkbjmhlideopiji;https://clients2.google.com/service/update2/crx2hdokiejnpimakedhajhdlcegeplioahd;https://clients2.google.com/service/update2/crx"/>
Now you see where it says
hdokiejnpimakedhajhdlcegeplioahd these are what you replace with your own extension IDs. So let us say you wanted Grammarly you'd open the extension in the chrome webstore
Note the last part of the URL (highlighted) with the random letters. This is the extension ID that you want to replace the other IDs with
After that is done click save, set it to the devices and then you're done. Next time your computer syncs with intune it'll have the extensions installed on Chrome.
If you want to check if the policy applied itself correctly you can go to the URL bar and enter
chrome://policy which will bring up all the device policies set for that instance of Chrome.
This is what it should look like