Skip to main content

Apty Widget Mass Distribution for different Browsers with GPO

  • Updated

Mass Distribution for Google Chrome with GPO

Introduction 

This document provides step-by-step instructions on how to utilize your Active Directory Group Policy Management against Google Chrome templates, to deploy the Apty Client Browser extension to all PCs in your organization.  

 Topics

Step 1: Downloading Chrome Policy Templates

1. Download Chrome templates by visiting the link below:
https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip

2. Extract archive in the temporary location

Step 2: Adding Chrome .admx  and .adml files to Group Policy  

1. Navigate to the directory in which you extracted the Policy Templates and copy the chrome.admx file located at\policy-templates\windows\admx directory toC:\Windows\PolicyDefinitions

2. Navigate to the directory in which you extracted the Google Chrome Bundle and copy the chrome.adml file  located within the policy-templates\windows\admx\en-USdirectory toC:\Windows\PolicyDefinitions\en-US

Note: If a different language is desired instead of en-US, please navigate to the directory for the correct language of your choosing. Ex: es-ES  

Step 3: Create or Configure your Chrome Policy 

1. Open the Group Policy Manager on your domain controller and expand out your domain -> Group Policy Objects. If you currently do not have a Group Policy created in which you want to utilize for Chrome Policies, proceed to right clicking on Group Policy Objects and create a New Policy.

2. Name the policy something relevant. Ex: “ChromePolicy”  

3. Once created, right click the new policy and select Edit.

4. Expand out Chrome Policy > Computer Configuration > Policies -> Administrative Templates > Google  Chrome  > Extensions then right click and Edit the Configure the list of force-installed apps and extensions

5. Select the Enable radio button, and then click the  Show  button  

6. Add the following value.

 

{extension-id};https://apty-assist-production-s3.s3.amazonaws.com/production/{tenant-id}/update.xml
AmazonAWSURL.png

7. Click OK

Note: Extension ID will be provided to you by the Customer Support team.

8. Click Apply, and then click OK

9. Next, right click the Configure extension installation whitelist and select Edit from the context menu

10. Select the Enabled radio button, and then click the Show button.

11. Add the Application Key and Click OK

12. Click Apply and then click OK

13. Exit the Group Policy Management Editor, Right Click the OU of your choice, in which contains your Computers or Users and select Link an Existing GPO.

14. Select the “Chrome Policy”(the one which is created now) and click OK

15. For any PC or User within that OU, the “Chrome Policy” will automatically install the  Apty Client Browser Extension   

Step 4: Check Your Chrome Policies

1. On a target client device, open Chrome Browser and navigate to chrome://policy to see all policies that are applied.

2. You can also check your extension by navigating to chrome://extensions and ensuring your extensions are being forcefully installed.  

Note: You may need to run gpupdate/force, in an elevated command prompt, to apply this new group policy to the PCs.

 

Introduction

The extension for the Apty Assist Client is provided to the customers as an installable MSI file. The MSI needs to be installed by all the users but this can also be done by the system admins for mass installation. This step-by-step article describes how to use Group Policy to automatically distribute programs to client computers or users. You can use Group Policy to distribute computer programs by using the following methods:  

Assigning Software  

You can assign a program distribution to users or computers. If you assign the program to a user, it is installed when the user logs on to the computer. When the user first runs the program, the installation is completed. If you assign the program to a computer, it is installed when the computer starts, and it is available to all users who log on to the computer. When a user first runs the program, the installation is completed.  

Publishing Software  

You can publish a program distribution to users. When the user logs on to the computer, the published program is displayed in the Add or Remove Programs dialog box, and it can be installed from there.  

 TOPICS

To create a distribution point 

To publish or assign a computer program, you must create a distribution point on the publishing server. To do this, follow these steps:  

  1. Log into the server as an Administrator.
  2. Create a shared network folder where you will put the Microsoft Windows Installer package (.msi file) that you want to distribute.  
  3. Set permissions for sharing to allow access to the distribution package. 
  4. Copy or install the package to the distribution point. For example, to distribute Microsoft Office XP, run the administrative installation (setup.exe /a) to copy the files to the distribution point.    

To create a Group Policy Object (GPO) to distribute the software package, follow these steps:

  1. Start the Active Directory Users and Computers snap-in. To do this, click  Start, point to Administrative Tools, and then click Active Directory Users and Computers
  2. In the console tree, right-click your domain, and then click Properties
  3. Click the Group Policy tab > New.
  4. Type a name for this new policy (for example, Office XP distribution), and then press Enter.
  5. Access Properties > Security tab.
  6. Clear the Apply Group Policy check box for the security groups that you don't want this policy to apply to. Alternatively, select the Apply Group Policy check box for the groups that you want this policy to apply to.
  7. Once all the required settings have been defined, click OK.

To assign a package 

To assign a program to computers that are running Windows Server 2003, Windows 2000, or Windows XP Professional, or to users who are logging on to one of these workstations, follow these steps:    

  1. Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.  
  2. In the console tree, right-click your domain, and then click Properties.
  3. Click the Group Policy tab > Edit.  
  4. Under Computer Configuration, expand Software Settings.  
  5. Right-click Software installation, point to New and then click Package.  
  6. In the Open dialog box, type the full Universal Naming Convention (UNC) path of the shared installer package that you want. For example, \\file server\share\file name.msi.  
  7. Click Open
  8. Click Assigned > OK. The package is listed in the right-pane of the Group Policy window.  
  9. Close the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in. 

When the client computer starts, the managed software package is automatically installed.  

To publish a package  

To publish a package to computer users and make it available for installation from the Add or Remove Programs list in Control Panel, follow these steps:  

  1. Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.  
  2. In the console tree, right-click your domain, and then click Properties.  
  3. Click the Group Policy tab > Edit
  4. Under User Configuration, expand Software Settings.
  5. Right-click Software installation, point to New, and then click Package.  
  6. In the Open dialog box, type the full UNC path of the shared installer package that you want. For example,\\file server\share\file name.msi.
  7. Click Open.  
  8. Click Publish, and then click OK.  
  9. The package is listed in the right-pane of the Group Policy window.  
  10. Close the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in.  
  11. Test the package.

To auto Enable Remote Extension Installation

With the latest update on IE any third party add-ons do not auto enable directly once we deploy them remotely.  There are few settings that needs to configured to avoid users from enabling or disabling any add-on. There are two methods that can be used for this process:

Method 1: Using Group policy Editor: 

  1. Type gpedit.msc in RUN or Start search box and press Enter. The Group Policy Editor opens.  
  2. Navigate to following path: Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer  
  3. In right-side pane, double-click the Automatically activate/enable newly installed add-ons option and set it to Enabled.  
  4. Applying this setting permanently disable the popup notification message in the Internet Explorer.  

Method 2: Using Registry Editor(regedit)  

  1. Type regedit in RUN or Start search box and press Enter. The Group Policy Editor opens.
  2. Now go to following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\  
  3. Create a new key under Policies  key and set its name to "Ext"
  4. Now select the new "Ext" key and in right-side pane, create a new DWORD IgnoreFrameApprovalCheck and set its value to 1.  

To redeploy a package 

In some cases, you may want to redeploy a software package (for example, if you upgrade or change the package). To redeploy a package, follow these steps:  

  1. Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
  2. In the console tree, right-click your domain, and then click Properties.  
  3. Click the Group Policy tab > Group Policy Object that you used to deploy the package > Edit.  
  4. Expand the Software Settings container that contains the software installation item that you used to deploy the package.  
  5. Click the software installation container that contains the package.  
  6. In the right-pane of the Group Policy window, right-click the program, point to All Tasks, and then click Redeploy application. The following message is displayed: Redeploying this application will reinstall the application everywhere it is already installed. Do you want to continue?  
  7. Click Yes.  
  8. Quit the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in.

To remove a package

To remove a published or assigned package, follow these steps:  

1.Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.

2.In the console tree, right-click your domain, and then click Properties.

3.Click the Group Policy tab > Group Policy Object that you used to deploy the package > Edit.  

4.Expand the Software Settings container that contains the software installation item that you used to deploy the package. 

5.Click the software installation container that contains the package.  

6.In the right-pane of the Group Policy window, right-click the program, point to All Tasks, and then click Remove.

7.Do one of the following: 

  • Click Immediately uninstall the software from users and computers, and then click OK.
  • Click Allow users to continue to use the software but prevent new installations, and then click OK.

8.Close the Group Policy snap-in, click OK, and then closet the Active Directory Users and Computers snap-in.

 

Mass Distribution for Mozilla Firefox with GPO

Introduction

This document provides step-by-step instructions on how to utilize your Active Directory Group Policy Management against Firefox Policy templates to deploy the Apty Client Browser extension to all PCs in your organization.

Topics

Step 1: Downloading Firefox Policy Templates 

1. Download Firefox templates by visiting the link below:

https://github.com/mozilla/policy-templates/releases

2. Extract archive in the temporary location 

Step 2: Adding Firefox .admx and .adml files to Group Policy 

1. Navigate to the directory in which you extracted the Firefox Policy Template file and copy the firefox.admx file located within the\policy_templates_v.(version)\windows directory to C:\Windows\PolicyDefinitions 

2. Navigate to the directory in which you extracted the Firefox Policy Template file and copy the firefox.adml file located within the\policy_templates_v.(version)\windows\en-US directory to C:\Windows\PolicyDefinitions\en-US 

Note: If a different language is desired instead of en-US, please navigate to the directory for the correct language of your choosing. Example: es-ES 

Step 3: Create or Configure your Firefox Policy 

1.  Open the Group Policy Manager on your domain controller and expand out your domain -> Group Policy Objects. If you currently do not have a Group Policy created in which you want to utilize for Chrome Policies, proceed to right-click on Group Policy Objects and create a New Policy.

2. Name the policy something relevant. Ex: “FirefoxAptyAddon”

3. Once created, right-click the new policy, and select Edit.

4. Expand out Firefox Policy -> Computer Configuration -> Policies -> Administrative Templates -> Firefox -> Extensions

5. Edit the Extensions to Install setting.

6. Tick the Enabled button, and then click the Show button.

7. Add the following text.

https://client.app.apty.io/production/<tenantID>/client-firefox-4.5.1.xpi

8. Click OK

9. Click Apply and then click OK 

10. Next, right-click and Edit the Prevent extensions from being disabled or removed

11. Tick the Enable button, and then click the Show button.

12. Add the following text and click OK.

      aptyprod@gmail.com

13. Click Apply and then click OK 

14. Exit the Group Policy Management Editor, Right Click the OU of your choice, which contains your Computers or Users, and select Link an Existing GPO.

15. Select the Firefox Apty Addon Policy and click OK 

16. For any PC or User within that OU, the Firefox Apty Addon Policy will automatically install the Apty Client Browser Extension

Step 4: Check Your Firefox Policies

1. On a target client device, open Firefox and navigate to about:policies to see all policies that are applied. 

2. You can also check your extension getting installed in the addons list

Note: You may need to run gpupdate /force, in an elevated command prompt, to apply this new group policy to the PCs. 

 

Mass Distribution for Microsoft Edge Chromium with GPO

Introduction

This document provides step-by-step instructions on how to utilize your Active Directory Group Policy Management against Microsoft Edge templates to deploy the Apty Client Browser extension to all PCs in your organization.

Topics

Step 1: Downloading Edge Policy Templates 

1. Download Edge templates by visiting the link below 

https://www.microsoft.com/en-us/edge/business/download

2. Choose your operating system and Edge version 

3. Click Get Policy Files 

4. Browse to the directory in which you saved the downloaded Microsoft Edge Policy Templates.zip file. Extract the contents of the Microsoft Edge Policy Templates.zip file to your desired location. Example: C:\temp 

Step 2: Adding Edge .admx and .adml files to Group Policy 

1. Navigate to the directory in which you extracted the Microsoft Edge Templates zip file and copy the msedge.admx file located within the\windows\admx directory to C:\Windows\PolicyDefinitions 

2. Navigate to the directory in which you extracted the Microsoft Edge Templates zip file and copy the msedge.adml file located within the\windows\admx\en-US directory to C:\Windows\PolicyDefinitions\en-US

Note: If a different language is required instead of en-US, please navigate to the directory for the correct language of your choosing.Example:es-ES 

 

Step 3: Create or Configure your Edge Policy 

1. Open the Group Policy Manager on your domain controller and expand out your domain -> Group Policy Objects. If you currently do not have a Group Policy created in which you want to utilize for Chrome Policies, proceed to right-click on Group Policy Objects and create a New Policy.

2. Name the policy something relevant. Example: “Edge Policy”

3. Once created, right-click the new policy and select Edit.

4. Expand out Edge Policy -> Computer Configuration -> Policies -> Administrative Templates -> Microsoft Edge -> Extensions then right click and Edit in the “Control which extensions are installed silently” 

 

5. Select the Enable radio button, and then click the Show button. 

6. Add the following value.

{extension-id};https://apty-assist-production-s3.s3.amazonaws.com/production/{tenant-id}/update.xml

7. Click OK

Note: The Extension ID will be provided to you by the Customer Success Manager.

8. Click Apply and then click OK

9. Next, right-click the Configure extension installation whitelist and select Edit from the context menu

10. Select the Enabled radio button, and then click the Show button. 

11. Add the following text and click OK

https://apty-assist-production-s3.s3.amazonaws.com/*

12. Click Apply and then click OK 

13. Exit the Group Policy Management Editor, right-click the OU of your choice, which contains your Computers or Users,  and select Link an Existing GPO

14. Select the “Edge Policy” (the one which is created now) and click OK

15. For any PC or User within that OU, the “Edge Policy” will automatically install the Apty Client Browser Extension

Step 4: Check Your Edge Policies

1. On a target client device, open Microsoft Edge and navigate to edge://policy  to see all policies that are applied. 

2. You can also check your extension by navigating to edge://extensions and ensuring your extensions are being forcefully installed. 

NOTE: You may need to run gpupdate /force, in an elevated command prompt, to apply this new group policy to the PCs. 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk