Help

Restrict primary accounts in Google Chrome

Steven_Xu
Contributor
Contributor

Posted on ‎11-08-2023 06:24 AM

To prevent user from syncing Chrome data with their personal google account, a custom setting for Google Chrome can be set and deployed by Jamf Pro. 

screenshot-jamfpro.png

Preference Domain: com.google.Chrome

Plist file content:

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>RestrictSigninToPattern</key>
    <string>(?:.*@domain1.com|.*@domain2.com)</string>
</dict>   
</plist>

 

 

let's check the managed chrome policy status and the sync result.

Screenshot 2023-11-08 at 22.06.05.pngScreenshot 2023-11-08 at 21.38.49.png

 

 

Labels:
4 REPLIES 4

czarmark
New Contributor III

Posted on ‎11-08-2023 06:45 AM

Intriguing! This is for new installs or new sign-in attempts only? If Chrome's already installed and signed into, pushing out this configuration would have no effect on those situations, right? 

0 Kudos

Steven_Xu
Contributor
Contributor
In response to czarmark

Posted on ‎11-08-2023 06:59 AM

Good question. if Chrome is already installed and logged in, synchronization will be forcibly turned off if the login domain is not on the list, but all current data(bookmarks, history, etc.) will be retained.

0 Kudos

czarmark
New Contributor III

Posted on ‎11-08-2023 09:05 AM

Aha yes I created the configuration profile in our sandbox, signed into a Google account (not in a restricted to domain) in Chrome on a test Mac, then scoped the profile to the Mac, and upon restarting Chrome, it was signed out of the Google account. This is awesome, thanks so much for posting this!

0 Kudos

khinkelman
New Contributor II

2 weeks ago

Is there a way to restrict the sign-in all together? 

0 Kudos