With the end of support for Internet Explorer (IE) in June 2022, companies will have to switch to a modern browser. In many cases, it will be Microsoft Edge because it offers some compatibility features. First and foremost, it can use the integrated IE engine to open legacy pages or applications. Group policies offer several options for this.
The various removable storage media, which can be connected to a PC via plug-and-play, pose a risk of data theft or infection with malware. Admins can prevent the installation of such devices via Group Policy. A recently introduced setting now allows whitelisting of the approved peripherals.
GPOZaurr and other tools help you with consolidation in the short-to-medium term, but as you move forward, there are other changes you can make that will make things much simpler and easier to manage. To make a significant difference to these user KPIs, there are two areas that must be concentrated on—folder redirection and loopback policy processing. This is my third post in my series about Group Policy consolidation.
GPOZaurr from Evotec IT is a PowerShell module that is very useful for consolidating and managing Group Policy. In this post, I will demonstrate how you can use GPOZaurr to create Group Policy reports and deal with broken, disabled, invalid, or inapplicable GPOs. This is the second post in my series about Group Policy consolidation.
In this series of three posts, I will discuss various tools that allow you to manage and consolidate your Group Policy environment. In today's article, I will make some general remarks and take a look at two useful GPO tools: Get-GpoReport and Advanced Group Policy Management.
Chromium-based Edge has been part of Windows 10 since 20H2. Internet Explorer (IE) is still on board, but its support ends in June 2022. If you want to replace it with a managed Edge, you will have to deal with tasks such as configuring GPOs and updates or redirecting legacy websites to IE.
Each Windows PC contains its own set of administrative templates for group policies. However, they can be better managed in a central location. This is all the more true when ADMX files are added for several applications. Updating templates in the Group Policy Central Store can be tricky, though.
You can use group policies to set access rights to directories or files for multiple computers. They not only save you the interactive configuration but also ensure that permissions do not deviate from the default in the future.
Since Windows 10 1909, Microsoft has displayed a widget in the taskbar that shows content from MSN, such as weather or stock quotes. These "news and interests" are probably not required or desired in most professional environments. They can be deactivated via Group Policy.
The new Edge is great but since it’s from Microsoft, Bing is the default search engine out of the box. To change it, you can simply go to the Settings page, Privacy, search, and services, and click the Address bar and search at the bottom of the page. From there, you can manage search engines, add or set one as default, etc.
This will be fine if you are setting it for yourself. If you have many computers to manage through Active Directory, setting it up via Group Policy make things a lot easier.
Open Group Policy Manager, heading over to the following:
User Configuration > Policies > Administrative Templates > Microsoft Edge
Double click the Manage Search Engines setting on the right.
Microsoft Edge has a beautiful new tab page that has a search box defaulting to Bing. So to make things a bit more consistently, I’d recommend to enable and set the “Configure the new tab page search box experience” policy to Address bar. What it does is that when you type the search term in the search box in the new tab page, it will redirect you to the address bar, which uses the browser’s default search engine.
The policy is located at:
User Configuration > Policies > Administrative Templates > Microsoft Edge > Default search provider