Disable sync account Chrome/Edge

jessil
New Contributor II

Hi,

I'm trying to disable the sync options in the browsers mentioned above.

For Chrome I've found <key>SyncDisabled</key> https://chromeenterprise.google/policies/#SyncDisabled but for some reason is not working, not sure if this is happening because I'm not editing the correct file or saving in the correct path.

Can somebody help me out with this issue?

Thanks in advance.

2 ACCEPTED SOLUTIONS

AJPinto
Valued Contributor II

Your "upload file" should look something like the bit below, and target the com.google.Chrome Preference Domain. Make sure the level in General is set to Computers Level and not User Level.

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>SyncDisabled</key>
</dict>
</plist>

 

This is not the key you are trying to set, but an example of what the configuration profile should look like. 

AJPinto_0-1674569176832.png

AJPinto_1-1674569212999.png

 

You can navigate to chrome://policy/ to see what the current policies the browser sees are.

AJPinto_2-1674569295858.png

 

 

View solution in original post

jessil
New Contributor II

I have found the solution.

<dict>
<key>PayloadContent</key>
<dict>
<key>com.google.Chrome</key> -- For Chrome

<key>com.microsoft.Edge</key> -- For Edge

<key></key> -- Firefox (I'm still working on this one)
<dict>
<key>Forced</key>
<array>
<key>SyncDisabled</key>
<true/>
<key>RestrictSigninToPattern</key>
<string>*@example.com</string>
</array>
</dict>
</dict>
</dict>

View solution in original post

4 REPLIES 4

AJPinto
Valued Contributor II

Your "upload file" should look something like the bit below, and target the com.google.Chrome Preference Domain. Make sure the level in General is set to Computers Level and not User Level.

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>SyncDisabled</key>
</dict>
</plist>

 

This is not the key you are trying to set, but an example of what the configuration profile should look like. 

AJPinto_0-1674569176832.png

AJPinto_1-1674569212999.png

 

You can navigate to chrome://policy/ to see what the current policies the browser sees are.

AJPinto_2-1674569295858.png

 

 

jessil
New Contributor II

Hi @AJPinto,

Thanks for your answer.

Is it possible to block personal account and allow company one? example *@company.com

jessil
New Contributor II

I have found the solution.

<dict>
<key>PayloadContent</key>
<dict>
<key>com.google.Chrome</key> -- For Chrome

<key>com.microsoft.Edge</key> -- For Edge

<key></key> -- Firefox (I'm still working on this one)
<dict>
<key>Forced</key>
<array>
<key>SyncDisabled</key>
<true/>
<key>RestrictSigninToPattern</key>
<string>*@example.com</string>
</array>
</dict>
</dict>
</dict>

AJPinto
Valued Contributor II

Looks like you are on the right path. Edge and Chrome are both chromium browsers, for the most part their keys are interchangeable. However FireFox is not chromium and will follow its own rules, the key will likely be different assuming its available at all.

 

This should be the list of keys you have for FireFox, but there may be others.

Releases · mozilla/policy-templates (github.com)