Question

Creating Custom Configuration Profile Payload for Google Chrome

8 years ago
September 2, 2016
6 replies
0 views

+19

dstranathan
Valued Contributor
568 replies

Im working on my first custom payload for an OS X configuration profile. This particular profile will be for Google Chrome. I want to mange these (2) SSO settings:

AuthNegotiateDelegateWhitelist=.mycompany.org
AuthServerWhitelist=.mycompany.org

I'm looking for advice to confirm if Im understand the steps correctly:

-Manually configure up the prefences I want in Googe Chrome on a "clean" IT test Mac. Quit Chrome.
-Open the com.google.Chrome.plist file in a text editor and remove all extraneous key/value pairs that I do NOT want to manage.
-Convert the .plist file to XML (/usr/bin/plutil -convert xml1 /path/to/file)
-Create a new Configuration Profile in the JSS and chose "Custom" Payload.
-Upload the customized XML com.google.Chrome.plist file to the JSS.
- Scope the Configuration Profile accordingly, etc

Do these steps look correct?

Once created and uploaded, can I manage this profile at the computer level? Or does it have to be managed at the user level (Im asking because Chrome preferences generally exisit at the user level). Will computer level settings trump all user preferences for these specific settings?

Is this a best way to manage the Google Chrome settings, than compared to my current method of running a Policy/script that uses OS X's /usr/bin/defaults command to recursivley write these settings to each user's Google Chrome preferenes?

+22

boberito
Jamf Heroes
449 replies
8 years ago
September 3, 2016

Not sure about that exact setting

But that's what we do to manage some settings in Chrome

We do DisablePrintPreview=true which then makes chrome use the system printing dialog vs Chrome's. And we have a bunch of extensions I block with ExtensionInstallBlacklist.

+19

dstranathan
Author
Valued Contributor
568 replies
8 years ago
September 3, 2016

Do you apply to the computer level or the user level?

+22

boberito
Jamf Heroes
449 replies
8 years ago
September 3, 2016

Computer level so that it sets it for all potential users on the computer

+23

milesleacy
Valued Contributor
512 replies
8 years ago
September 3, 2016

@dstranathan Your general methodology is correct.

@boberito I'd be interested in seeing more about your ExtensionInstallBlacklist settings.

+22

boberito
Jamf Heroes
449 replies
8 years ago
September 3, 2016

So we found kids using VPN extensions to get around our content filtering. Unfortunately, it's a cat and mouse game to block them. BUUUUUT it kind of works.

{ExtensionInstallBlacklist=[gjknjjomckknofjidppipffbpoekiipm, omdakjcmkglenbhjadbccaookpfjihpa, mjnbclmflcpookeapghfhapeffmpodij, ckiahbcmlmkpfiijecbpflfahoimklke, kpiecbcckbofpmkkkdibbllpinceiihk, fdcgdnkidjaadafnichfpabhfomcebme, gkojfkhlekighikafcpjkiklfbnlmeio, omghfjlpggmjjaagoclmmobgdodcjboh, fcbnikgemihknccdjaihjnfbapinljpi, nlbejmccbhkncgokjcmghpfloaajcffj, enhcpffgidjhkgnnmiaeennhgjldopeh, caaaookbdgdemjmegjgnbpmlchibhmpd, eoeecjmgnmpnljngnagabdpmahamaaoh, mafcnffiekamcoipelofhbnpnhjppged, pbfcogippadlgmoiejpmcpooakejfbma, bmafohpcljaaadcongfnhcikddlnaoin, bohjiepdaibaajbeedilfpdniijmmccf, odiddbcijempnhhobijfbggjogofdlgl, deoodoglhbmpafkajmlggnjnngdclnie, fjfggdolkejgbladjgiafdfdddahiipg, omghfjlpggmjjaagoclmmobgdodcjboh, eelphgpfmjhndihoopgadghfonahifel, aonncbclmineeaebnfdadmaclpbogbdl, heajfgnegopeedndeahkdjedjkjcmnpb, majigdgagomodbnkdkllbdmcjhmkpomo, kfblffmcfhcclgeeialffpdamibbpkma, bihmplhobchoageeokmgbdihknkjbknd, oknedbefhljbabbioodiahaapfbogceg, icpklikeghomkemdellmmkoifgfbakio, dpplabbmogkhghncfbfdeeokoefdjegm, padekgcemlokbadohgkifijomclgjgif, cmgnmcnlncejehjlnhaglpnoolgbflbd, pooljnboifbodgifngpppfklhifechoe, gcknhkkoolaabfmlnjonogaaifnjlfnp, dookpfaalaaappcdneeahomimbllocnb, iilpibhiihokecnbdkaminemnmecjfed, nbcojefnccbanplpoffopkoepjmhgdgh, mpmikmnnnoacchojfpdgfdgpkfgajhim], DisablePrintPreview=true}

If you go to the chrome web store and click on any of the things in there the address has the unique ID for each chrome app - for example for Polar Photo Editor - https://chrome.google.com/webstore/detail/polarr-photo-editor/djonnbgfieijldcieafgjcnhmpcfpmgg?utm_source=chrome-ntp-icon

deborahgagnon
New Contributor
1 reply
7 years ago
February 1, 2018

I tried this but am very confused. How does the config profile I created override the default Chrome settings? More to the question - I did this and it did not do anything .... I modified the plist to change default home page etc and when I open Chrome (after I deploy my config profile) - it does NOT open to the home page I set in my plist....confused?

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

Set Home Page for MS Edge using a Configuration Profileicon

Custom Schemas For Application Configuration Profilesicon

Upgrading to El Capitanicon

Google Chrome Manifest force Flag to Enabledicon

Need help with deployment of Google chrome extension using jssicon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings