Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge

Applies to: Microsoft Edge on Windows 10 and Windows 10 Mobile

You can customize your organization’s browser settings in Microsoft Edge with Group Policy or Microsoft Intune, or other MDM service. When you do this, you set the policy once and then copy it onto many computers—that is, touch once, configure many. For example, you can set up multiple security settings in a Group Policy Object (GPO) linked to a domain, and then apply those settings to every computer in the domain.

Other policy settings in Microsoft Edge include allowing Adobe Flash content to play automatically, provision a favorites list, set default search engine, and more. You configure a Group Policy setting in the Administrative Templates folders, which are registry-based policy settings that Group Policy enforces. Group Policy stores these settings in a specific registry location, which users cannot change. Also, Group Policy-aware Windows features and applications look for these settings in the registry, and if found the policy setting gets used instead of the regular settings.

You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor:

      Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\

When you edit a Group Policy setting, you have the following configuration options:

  • Enabled - writes the policy setting to the registry with a value that enables it.
  • Disabled - writes the policy setting to the registry with a value that disables it.
  • Not configured - leaves the policy setting undefined. Group Policy does not write the policy setting to the registry and has no impact on computers or users.

Some policy settings have additional options you can configure. For example, if you want to set the default search engine, set the Start page, or configure the Enterprise Mode Site List, you would type the URL.

Allow a shared books folder

Supported versions: Microsoft Edge on Windows 10, version 1803
Default setting: Disabled or not configured (Not allowed)

Microsoft Edge does not use a shared folder by default but downloads book files to a per-user folder for each user. With this policy, you can configure Microsoft Edge to store books from the Books Library to a default, shared folder in Windows, which decreases the amount of storage used by book files. When you enable this policy, Microsoft Edge downloads books to a shared folder after user action to download the book to their device, which allows them to remove downloaded books at any time. For this policy to work correctly, you must also enable the Allow a Windows app to share application data between users group policy. Also, the users must be signed in with a school or work account.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Prevented. Microsoft Edge downloads book files to a per-user folder for each user. Most restricted value
Enabled 1 1 Allowed. Microsoft Edge downloads book files to a shared folder. For this policy to work correctly, you must also enable the Allow a Windows app to share application data between users group policy, which you can find:

Computer Configuration\Administrative Templates\Windows Components\App Package Deployment\

Also, the users must be signed in with a school or work account.


Allow a shared books folder

ADMX info and settings

ADMX info

  • GP English name: Allow a shared Books folder
  • GP name: UseSharedFolderForBooks
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/UseSharedFolderForBooks
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/UseSharedFolderForBooks
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\BooksLibrary
  • Value name: UseSharedFolderForBooks
  • Value type: REG_DWORD

Allow a Windows app to share application data between users: With this policy, you can configure Windows 10 to share application data among multiple users on the system and with other instances of that app. Data shared through the SharedLocal folder is available through the Windows.Storage API. If you previously enabled this policy and now want to disable it, any shared app data remains in the SharedLocal folder.


Allow Address bar drop-down list suggestions

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Enabled or not configured (Allowed)

Microsoft Edge shows the Address bar drop-down list and makes it available by default, which takes precedence over the Configure search suggestions in Address bar policy. We recommend disabling this policy if you want to minimize network connections from Microsoft Edge to Microsoft service, which hides the functionality of the Address bar drop-down list. When you disable this policy, Microsoft Edge also disables the Show search and site suggestions as I type toggle in Settings.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented. Hide the Address bar drop-down list and disable the Show search and site suggestions as I type toggle in Settings. Most restricted value
Enabled or not configured (default) 1 1 Allowed. Show the Address bar drop-down list and make it available.

ADMX info and settings

ADMX info

  • GP English name: Allow Address bar drop-down list suggestions
  • GP name: AllowAddressBarDropdown
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowAddressBarDropdown
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowAddressBarDropdown
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\ServiceUI
  • Value name: ShowOneBox
  • Value type: REG_DWORD

Configure search suggestions in Address bar: By default, users cannot add, remove, or change any of the search engines in Microsoft Edge, but they can set a default search engine. You can set the default search engine using the Set default search engine policy. However, with this policy, you can configure up to five additional search engines and set any one of them as the default. If you previously enabled this policy and now want to disable it, disabling deletes all configured search engines.


Allow Adobe Flash

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled or not configured (Allowed)

Adobe Flash is integrated with Microsoft Edge and runs Adobe Flash content by default. With this policy, you can configure Microsoft Edge to prevent Adobe Flash content from running.

Supported values

Group Policy MDM Registry Description
Disabled 0 0 Prevented
Enabled (default) 1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Adobe Flash
  • GP name: AllowFlash
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowFlash
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowAdobeFlash
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Addons
  • Value name: FlashPlayerEnabled
  • Value type: REG_DWORD

Allow clearing browsing data on exit

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Disabled or not configured (Prevented)

Microsoft Edge does not clear the browsing data on exit by default, but users can configure the Clear browsing data option in Settings. Browsing data includes information you entered in forms, passwords, and even the websites visited. With this policy, you can configure Microsoft Edge to clear the browsing data automatically each time Microsoft Edge closes.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured (default) 0 0 Prevented. Users can configure the Clear browsing data option in Settings.
Enabled 1 1 Allowed. Clear the browsing data upon exit automatically. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Allow clearing browsing data on exit
  • GP name: AllowClearingBrowsingDataOnExit
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ClearBrowsingDataOnExit
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ClearBrowsingDataOnExit
  • Data type: Integer

Registry

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Privacy
  • Value name: ClearBrowsingHistoryOnExit
  • Value type: REG_DWORD

Allow configuration updates for the Books Library

Supported versions: Microsoft Edge on Windows 10, version 1803 or later
Default setting: Enabled or not configured (Allowed)

Microsoft Edge automatically updates the configuration data for the Books library. Disabling this policy prevents Microsoft Edge from updating the configuration data. If Microsoft receives feedback about the amount of data about the Books library, the data comes as a JSON file.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented. Most restricted value
Enabled or not configured
(default)
1 1 Allowed. Microsoft Edge updates the configuration data for the Books Library automatically.

ADMX info and settings

ADMX info

  • GP English name: Allow configuration updates for the Books Library
  • GP name: AllowConfigurationUpdateForBooksLibrary
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowConfigurationUpdateForBooksLibrary
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowConfigurationUpdateForBooksLibrary
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\BooksLibrary
  • Value name: AllowConfigurationUpdateForBooksLibrary
  • Value type: REG_DWORD

Manage connections from Windows operating system components to Microsoft services: Learn about the network connections from Windows to Microsoft services. Also, learn about the privacy settings that affect the data shared with either Microsoft or apps and how to manage them in an enterprise. You can configure diagnostic data at the lowest level for your edition of Windows and evaluate which other connections Windows makes to Microsoft services you want to turn off in your environment.


Allow Cortana

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled (Allowed)

Since Microsoft Edge is integration with Cortana, Microsoft Edge allows users to use Cortana voice assistant by default. With this policy, you can configure Microsoft Edge to prevent users from using Cortana but can still search to find items on their device.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented. Users can still search to find items on their device. Most restricted value
Enabled
(default)
1 1 Allowed.

ADMX info and settings

ADMX info

  • GP English name: Allow Cortana
  • GP name: AllowCortana
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Experience/AllowCortana
  • Supported devices: Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Experience/AllowCortana
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\Windows\Windows Search
  • Value name: AllowCortana
  • Value type: REG_DWORD

Allow Developer Tools

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Enabled (Allowed)

Microsoft Edge allows users to use the F12 developer tools to build and debug web pages by default. With this policy, you can configure Microsoft Edge to prevent users from using the F12 developer tools.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled 1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Developer Tools
  • GP name: AllowDeveloperTools
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowDeveloperTools
  • Supported devices: Desktop
  • URI full Path: ./Vendor/MSFT/Policy/Config/Browser/AllowDeveloperTools
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\F12
  • Value name: AllowDeveloperTools
  • Value type: REG_DWORD

Allow extended telemetry for the Books tab

Supported versions: Microsoft Edge on Windows 10, version 1803 or later
Default setting: Disabled or not configured (Gather and send only basic diagnostic data)

By default, and depending on the device configuration, Microsoft Edge gathers basic diagnostic data about the books in the Books Library and sends it to Microsoft. Enabling this policy gathers and sends both basic and additional diagnostic data, such as usage data.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Gather and send only basic diagnostic data. Most restricted value
Enabled 1 1 Gather all diagnostic data. For this policy to work correctly, you must set the diagnostic data in Settings > Diagnostics & feedback to Full.

ADMX info and settings

ADMX info

  • GP English name: Allow extended telemetry for the Books tab
  • GP name: EnableExtendedBooksTelemetry
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/EnableExtendedBooksTelemetry
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/EnableExtendedBooksTelemetry
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\BooksLibrary
  • Value name: EnableExtendedBooksTelemetry
  • Value type: REG_DWORD

Allow Extensions

Supported versions: Microsoft Edge on Windows 10, version 1607 or later
Default setting: Enabled or not configured (Allowed)

Microsoft Edge allows users to add or personalize extensions in Microsoft Edge by default. With this policy, you can configure Microsoft to prevent users from adding or personalizing extensions.

Supported values

Group Policy MDM Registry Description
Disabled 0 0 Prevented
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Extensions
  • GP name: AllowExtensions
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowExtensions
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowExtensions
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Extensions
  • Value name: ExtensionsEnabled
  • Value type: REG_DWORD

Microsoft browser extension policy: This document describes the supported mechanisms for extending or modifying the behavior or user experience of Microsoft Edge and Internet Explorer or the content displayed by these browsers. Any technique not explicitly listed in this document is considered unsupported.


Allow fullscreen mode

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled or not configured (Allowed)

Microsoft Edge allows fullscreen mode by default, which shows only the web content and hides the Microsoft Edge UI. When allowing fullscreen mode, users and extensions must have the proper permissions. Disabling this policy prevents fullscreen mode in Microsoft Edge.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow fullscreen mode
  • GP name: AllowFullScreenMode
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowFullscreen
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowFullscreen
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AllowFullScreenMode
  • Value type: REG_DWORD

Allow InPrivate browsing

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Enabled or not configured (Allowed)

By default, Microsoft Edge allows InPrivate browsing, and after closing all InPrivate tabs, Microsoft Edge deletes the browsing data from the device. With this policy, you can configure Microsoft Edge to prevent InPrivate web browsing.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow InPrivate browsing
  • GP name: AllowInPrivate
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowInPrivate
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowInPrivate
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AllowInPrivate
  • Value type: REG_DWORD

Allow Microsoft Compatibility List

Supported versions: Microsoft Edge on Windows 10, version 1607 or later
Default setting: Enabled or not configured (Allowed)

During browser navigation, Microsoft Edge checks the Microsoft Compatibility List for websites with known compatibility issues. If found, users are prompted to use Internet Explorer, where the site loads and displays correctly. Periodically during browser navigation, Microsoft Edge downloads the latest version of the list and applies the updates. With this policy, you can configure Microsoft Edge to ignore the compatibility list. You can view the compatibility list at about:compat.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Microsoft Compatibility List
  • GP name: AllowCVList
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowMicrosoftCompatibilityList
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowMicrosoftCompatibilityList
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\BrowserEmulation
  • Value name: MSCompatibilityMode
  • Value type: REG_DWORD

Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled or not configured (Allowed)

Microsoft Edge pre-launches as a background process during Windows startup when the system is idle waiting to be launched by the user. Pre-launching helps the performance of Microsoft Edge and minimizes the amount of time required to start Microsoft Edge. You can also configure Microsoft Edge to prevent from pre-launching.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restrictive value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed
  • GP name: AllowPreLaunch
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowPrelaunch
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowPrelaunch
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\
  • Value name: AllowPrelaunch
  • Value type: REG_DWORD

Allow Microsoft Edge to load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed

Supported versions: Microsoft Edge on Windows 10, version 1802
Default setting: Enabled or not configured (Allowed)

Microsoft Edge allows preloading of the Start and New Tab pages during Windows sign in, and each time Microsoft Edge closes by default. Preloading minimizes the amount of time required to start Microsoft Edge and load a new tab. With this policy, you can configure Microsoft Edge to prevent preloading of tabs.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented. Most restricted value
Enabled or not configured
(default)
1 1 Allowed. Preload Start and New Tab pages.

ADMX info and settings

ADMX info

  • GP English name: Allow Microsoft Edge to load the Start and New Tab pages in the background at Windows startup and each time Microsoft Edge is closed
  • GP name: AllowTabPreloading
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowTabPreloading
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowTabPreloading
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader
  • Value name: AllowTabPreloading
  • Value type: REG_DWORD

Allow printing

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled or not configured (Allowed)

Microsoft Edge allows users to print web content by default. With this policy, you can configure Microsoft Edge to prevent users from printing web content.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restrictive value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow printing
  • GP name: AllowPrinting
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowPrinting
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowPrinting
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AllowPrinting
  • Value type: REG_DWORD

Allow Saving History

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled or not configured (Allowed)

Microsoft Edge saves the browsing history of visited websites and shows them in the History pane by default. Disabling this policy prevents Microsoft Edge from saving the browsing history. If browsing history existed before disabling this policy, the previous browsing history remains in the History pane. Disabling this policy does not stop roaming of existing browsing history or browsing history from other devices.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info

  • GP English name: Allow Saving History
  • GP name: AllowSavingHistory
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowSavingHistory
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowSavingHistory
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AllowSavingHistory
  • Value type: REG_DWORD

Allow search engine customization

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Enabled or not configured (Allowed)

By default, users can add new search engines or change the default search engine, in Settings. With this policy, you can prevent users from customizing the search engine in Microsoft Edge.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Prevented Most restricted value
Enabled or not configured
(default)
1 1 Allowed

ADMX info and settings

ADMX info
  • GP English name: Allow search engine customization
  • GP name: AllowSearchEngineCustomization
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowSearchEngineCustomization
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowSearchEngineCustomization
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Protected
  • Value name: AllowSearchEngineCustomization
  • Value type: REG_DWORD
  • Set default search engine: By default, Microsoft Edge uses the search engine specified in App settings, letting users make changes at any time unless the Allow search engine customization policy is disabled, which restricts users from making changes. With this policy, you can either remove or use the policy-set search engine. When you remove the policy-set search engine, Microsoft Edge uses the specified search engine for the market, which lets users make changes to the default search engine. You can use the policy-set search engine specified in the OpenSearch XML, which prevents users from making changes.

  • Configure additional search engines: By default, users cannot add, remove, or change any of the search engines in Microsoft Edge, but they can set a default search engine. You can set the default search engine using the Set default search engine policy. However, with this policy, you can configure up to five additional search engines and set any one of them as the default. If you previously enabled this policy and now want to disable it, disabling deletes all configured search engines.

  • Manage connections from Windows operating system components to Microsoft services: Learn about the network connections from Windows to Microsoft services. Also, learn about the privacy settings that affect the data shared with either Microsoft or apps and how to manage them in an enterprise. You can configure diagnostic data at the lowest level for your edition of Windows and evaluate which other connections Windows makes to Microsoft services you want to turn off in your environment.

  • Search provider discovery: Microsoft Edge follows the OpenSearch 1.1 specification to discover and use web search providers. When a user browses to a search service, the OpenSearch description is picked up and saved for later use. Users can then choose to add the search service to use in the Microsoft Edge address bar.


Allow sideloading of Extensions

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled (Allowed)

By default, Microsoft Edge allows sideloading, which installs and runs unverified extensions. Disabling this policy prevents sideloading of extensions but does not prevent sideloading using Add-AppxPackage via PowerShell. You can only install extensions through Microsoft store (including a store for business), enterprise storefront (such as Company Portal) or PowerShell (using Add-AppxPackage).

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured 0 0 Prevented. Disabling does not prevent sideloading of extensions using Add-AppxPackage via PowerShell. To prevent this, you must enable the Allows development of Windows Store apps and installing them from an integrated development environment (IDE) group policy, which you can find:

Computer Configuration\Administrative Templates\Windows Components\App Package Deployment\

For the MDM setting, set the ApplicationManagement/AllowDeveloperUnlock policy to 1 (enabled).

Most restricted value
Enabled
(default)
1 1 Allowed.

ADMX info and settings

ADMX info

  • GP English name: Allow sideloading of Extensions
  • GP name: AllowSideloadingOfExtensions
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowSideloadingExtensions
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowSideloadingExtensions
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Extensions
  • Value name: AllowSideloadingOfExtensions
  • Value type: REG_DWORD

Enable your device for development: Access development features, along with other developer-focused settings to make it possible for you to develop, test, and debug apps. Learn how to configure your environment for development, the difference between Developer Mode and sideloading, and the security risks of Developer mode.


Allow web content on New Tab page

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled (the default New Tab page loads)

By default, Microsoft Edge loads the default New Tab page and lets the users make changes. If you disable this policy, a blank page loads instead of the New Tab page and prevents users from changing it.

Supported values

Group Policy MDM Registry Description
Disabled 0 0 Load a blank page instead of the default New Tab page and prevent users from making changes.
Enabled or not configured (default) 1 1 Load the default New Tab page and the users make changes.

ADMX info and settings

ADMX info

  • GP English name: Allow web content on New Tab page
  • GP name: AllowWebContentOnNewTabPage
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowWebContentOnNewTabPage
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowWebContentOnNewTabPage
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\ServiceUI
  • Value name: AllowWebContentOnNewTabPage
  • Value type: REG_DWORD

Set New Tab page URL: Microsoft Edge loads the default New Tab page by default. Enabling this policy lets you set a New Tab page URL in Microsoft Edge, preventing users from changing it. When you enable this policy, and you disable the Allow web content on New Tab page policy, Microsoft Edge ignores any URL specified in this policy and opens about:blank.


Always show the Books Library in Microsoft Edge

Supported versions: Microsoft Edge on Windows 10, version 1709 or later
Default setting: Disabled or not configured

Microsoft Edge shows the Books Library only in countries or regions where supported. With this policy, you can configure Microsoft Edge to show the Books Library regardless of the device’s country or region.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Show the Books Library only in countries or regions where supported. Most restricted value
Enabled 1 1 Show the Books Library, regardless of the device’s country or region.

ADMX info and settings

ADMX info

  • GP English name: Always show the Books Library in Microsoft Edge
  • GP name: AlwaysEnableBooksLibrary
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AlwaysEnableBooksLibrary
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AlwaysEnableBooksLibrary
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AlwaysEnableBooksLibrary
  • Value type: REG_DWORD

Configure additional search engines

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Disabled or not configured (Prevented)

By default, users cannot add, remove, or change any of the search engines in Microsoft Edge, but they can set a default search engine. You can set the default search engine using the Set default search engine policy. However, with this policy, you can configure up to five additional search engines and set any one of them as the default. If you previously enabled this policy and now want to disable it, disabling deletes all configured search engines.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Prevented. Use the search engine specified in App settings.

If you enabled this policy and now want to disable it, all previously configured search engines get removed.

Most restricted value
Enabled 1 1 Allowed. Add up to five additional search engines and set any one of them as the default.

For each search engine added you must specify a link to the OpenSearch XML file that contains, at a minimum, the short name and URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see Search provider discovery.


ADMX info and settings

ADMX info

  • GP English name: Configure additional search engines
  • GP name: ConfigureAdditionalSearchEngines
  • GP element: ConfigureAdditionalSearchEngines_Prompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureAdditionalSearchEngines
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureAdditionalSearchEngines
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\OpenSearch
  • Value name: ConfigureAdditionalSearchEngines
  • Value type: REG_SZ
  • Set default search engine: By default, Microsoft Edge uses the search engine specified in App settings, letting users make changes at any time unless the Allow search engine customization policy is disabled, which restricts users from making changes. With this policy, you can either remove or use the policy-set search engine. When you remove the policy-set search engine, Microsoft Edge uses the specified search engine for the market, which lets users make changes to the default search engine. You can use the policy-set search engine specified in the OpenSearch XML, which prevents users from making changes.

  • Allow search engine customization: By default, users can add new search engines or change the default search engine, in Settings. With this policy, you can prevent users from customizing the search engine in Microsoft Edge.

  • Microsoft browser extension policy: This document describes the supported mechanisms for extending or modifying the behavior or user experience of Microsoft Edge and Internet Explorer or the content displayed by these browsers. Any technique not explicitly listed in this document is considered unsupported.

  • Search provider discovery: Rich search integration is built into the Microsoft Edge address bar, including search suggestions, results from the web, your browsing history, and favorites.


Configure Autofill

Supported versions: Microsoft Edge on Windows 10
Default setting: Not configured (Blank)

By default, users can choose to use the Autofill feature to populate the form fields automatically. With this policy, you can configure Microsoft Edge, when enabled to use Autofill or, when disabled to prevent using Autofill.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured
(default)
Blank Blank Users can choose to use Autofill.
Disabled 0 no Prevented. Most restricted value
Enabled 1 yes Allowed.

ADMX info and settings

ADMX info

  • GP English name: Configure Autofill
  • GP name: AllowAutofill
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowAutofill
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowAutofill
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: Use FormSuggest
  • Value type: REG_SZ

Configure collection of browsing data for Microsoft 365 Analytics

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (No data collected or sent)

Microsoft Edge does not send browsing history data to Microsoft 365 Analytics by default. With this policy though, you can configure Microsoft Edge to send intranet history only, internet history only, or both to Microsoft 365 Analytics for enterprise devices with a configured Commercial ID.

Important

For this policy to work, enable the Allow Telemetry group policy with the Enhanced option and enable the Configure the Commercial ID group policy by providing the Commercial ID.

You can find these policies in the following location of the Group Policy Editor:

Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\

  • Allow Telemetry = Enabled and set to Enhanced
  • Configure the Commercial ID = String of the Commercial ID
  • Configure collection of browsing data for Microsoft 365 Analytics = Enabled

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 No data collected or sent Most restricted value
Enabled 1 1 Send intranet history only
Enabled 2 2 Send Internet history only
Enabled 3 3 Send both intranet and Internet history

ADMX info and settings

ADMX info

  • GP English name: Configure collection of browsing data for Microsoft 365 Analytics
  • GP name: ConfigureTelemetryForMicrosoft365Analytics
  • GP element: ZonesListBox
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

Registry settings

  • Path: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection
  • Value name: MicrosoftEdgeDataOptIn
  • Value type: REG_DWORD
  • Allow Telemetry: Allows Microsoft to run diagnostics on the device and troubleshoot. The default setting for Allow Telemetry is set to Enhanced (2 for MDM).

  • Configure the Commercial ID: Define the Commercial ID used to associate the device's telemetry data as belonging to a given organization.


Configure cookies

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled or not configured (Allow all cookies from all sites)

Microsoft Edge allows all cookies from all websites by default. With this policy, you can configure Microsoft to block only 3rd-party cookies or block all cookies.

Supported values

Group Policy MDM Registry Description Most restricted
Enabled 0 0 Block all cookies from all sites. Most restricted value
Enabled 1 1 Block only coddies from third party websites.
Disabled or not configured
(default)
2 2 Allow all cookies from all sites.

ADMX info and settings

ADMX info

  • GP English name: Configure cookies
  • GP name: Cookies
  • GP element: CookiesListBox
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowCookies
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowCookies
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: Cookies
  • Value type: REG_DWORD

Configure Do Not Track

Supported versions: Microsoft Edge on Windows 10
Default setting: Not configured (Do not send tracking information)

Microsoft Edge does not send ‘Do Not Track’ requests to websites asking for tracking information, but users can choose to send tracking information to sites they visit. With this policy, you can configure Microsoft Edge to send or never send tracking information.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured
(default)
Blank Blank Do not send tracking information but let users choose to send tracking information to sites they visit.
Disabled 0 0 Never send tracking information.
Enabled 1 1 Send tracking information. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Configure Do Not Track
  • GP name: AllowDoNotTrack
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowDoNotTrack
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowDoNotTrack
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: DoNotTrack
  • Value type: REG_DWORD

Configure Favorites

Discontinued in the Windows 10 October 2018 Update. Use the Provision Favorites group policy instead.


Configure Favorites Bar

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Not configured (Hidden but shown on the Start and New Tab pages)

Microsoft Edge hides the favorites bar by default but shows it on the Start and New Tab pages. Also, by default, the Favorites Bar toggle, in Settings, is set to Off but enabled letting users make changes. With this policy, you can configure Microsoft Edge to either show or hide the Favorites Bar on all pages.

Supported values

Group Policy MDM Registry Description
Not configured (default) Blank Blank Hidden but shown on the Start and New Tab pages.

Favorites Bar toggle (in Settings) = Off and enabled letting users make changes.

Disabled 0 0 Hidden on all pages.
  • Favorites Bar toggle (in Settings) = Off and disabled preventing users from making changes
  • Show bar/Hide bar option (in the context menu) = hidden
Enabled 1 1 Shown on all pages.
  • Favorites Bar toggle (in Settings) = On and disabled preventing users from making changes
  • Show bar/Hide bar option (in the context menu) = hidden

ADMX info and settings

ADMX info

  • GP English name: Configure Favorites Bar
  • GP name: ConfigureFavoritesBar
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureFavoritesBar
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureFavoritesBar
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: ConfigureFavoritesBar
  • Value type: REG_DWORD

Configure Home Button

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Show home button and load the Start page)

Microsoft Edge shows the home button and by clicking it the Start page loads by default. With this policy, you can configure the home button to load the New Tab page or a URL defined in the Set Home Button URL policy. You can also configure Microsoft Edge to hide the home button.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
0 0 Load the Start page.
Enabled 1 1 Load the New Tab page.
Enabled 2 2 Load the custom URL defined in the Set Home Button URL policy.
Enabled 3 3 Hide the home button.

Tip

If you want to make changes to this policy:

  1. Enable the Unlock Home Button policy.
  2. Make changes to the Configure Home Button policy or Set Home Button URL policy.
  3. Disable the Unlock Home Button policy.

ADMX info and settings

ADMX info

  • GP English name: Configure Home Button
  • GP name: ConfigureHomeButton
  • GP element: ConfigureHomeButtonDropdown
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureHomeButton
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureHomeButton
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: ConfigureHomeButton
  • Value type: REG_DWORD
  • Set Home Button URL: By default, Microsoft Edge shows the home button and loads the Start page, and locks down the home button to prevent users from changing what page loads. Enabling this policy loads a custom URL for the home button. When you enable this policy, and enable the Configure Home Button policy with the Show home button & set a specific page option selected, a custom URL loads when the user clicks the home button.

  • Unlock Home Button: By default, when you enable the Configure Home Button policy or provide a URL in the Set Home Button URL policy, Microsoft Edge locks down the home button to prevent users from changing the settings. When you enable this policy, users can make changes to the home button even if you enabled the Configure Home Button or Set Home Button URL policies.


Configure kiosk mode

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Not configured

Configure how Microsoft Edge behaves when it’s running in kiosk mode with assigned access, either as a single-app or as one of many apps running on the kiosk device. You can control whether Microsoft Edge runs InPrivate full screen, InPrivate multi-tab with a tailored experience for kiosks, or normal browsing in Microsoft Edge.

For this policy to work, you must configure Microsoft Edge in assigned access; otherwise, Microsoft Edge ignores the settings in this policy. To learn more about assigned access and kiosk configuration, see Configure kiosk and shared devices running Windows desktop editions.

Supported values

Single-app

thumbnail

Digital/interactive signage

Displays a specific site in full-screen mode, running Microsoft Edge InPrivate protecting user data.

  • Digital signage does not require user interaction.

    Example. Use digital signage for things like a rotating advertisement or menu.

  • Interactive signage, on the other hand, requires user interaction within the page but doesn’t allow for any other uses, such as browsing the internet.

    Example. Use interactive signage for things like a building business directory or restaurant order/pay station.

Policy setting = Not configured (0 default)

 

thumbnail

Public browsing

Runs a limited multi-tab version of Microsoft Edge, protecting user data. Microsoft Edge is the only app users can use on the device, preventing them from customizing Microsoft Edge. Users can only browse publically or end their browsing session.

The single-app public browsing mode is the only kiosk mode that has an End session button. Microsoft Edge also resets the session after a specified time of user inactivity. Both restart Microsoft Edge and clear the user’s session.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1)

Multi-app

thumbnail

Normal browsing

Runs a full-version of Microsoft Edge with all browsing features and preserves the user data and state between sessions.

Some features may not work depending on what other apps you have configured in assigned access. For example, installing extensions or books from the Microsoft store are not allowed if the store is not available. Also, if Internet Explorer 11 is set up in assigned access, you can enable EnterpriseModeSiteList to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

Policy setting = Not configured (0 default)

 

thumbnail

Public browsing

Runs a multi-tab version of Microsoft Edge InPrivate with a tailored experience for kiosks that runs in full-screen mode. Users can open and close Microsoft Edge and launch other apps if allowed by assigned access. Instead of an End session button to clear their browsing session, the user closes Microsoft Edge normally.

In this configuration, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access, you can enable EnterpriseModeSiteList to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1)


ADMX info and settings

ADMX info

  • GP English name: Configure kiosk mode
  • GP name: ConfigureKioskMode
  • GP element: ConfigureKioskMode_TextBox
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureKioskMode
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskMode
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\KioskMode
  • Value name: ConfigureKioskMode
  • Value type: REG_SZ

Configure kiosk reset after idle timeout: You can configure Microsoft Edge kiosk mode to reset to the configured start experience after a specified amount of idle time in minutes (0-1440). The reset timer begins after the last user interaction. Once the idle time meets the time specified, a confirmation message prompts the user to continue, and if no user action, Microsoft Edge kiosk mode resets after 30 seconds. Resetting to the configured start experience deletes the current user’s browsing data.

Deploy Microsoft Edge kiosk mode: Microsoft Edge kiosk mode works with assigned access to allow IT administrators, to create a tailored browsing experience designed for kiosk devices. In this deployment guidance, you learn about the different Microsoft Edge kiosk mode types to help you determine what configuration is best suited for your kiosk device. You also learn about the other group policies to help you enhance the how to set up your Microsoft Edge kiosk mode experience.


Configure kiosk reset after idle timeout

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: 5 minutes

You can configure Microsoft Edge kiosk mode to reset to the configured start experience after a specified amount of idle time in minutes (0-1440). The reset timer begins after the last user interaction. Once the idle time meets the time specified, a confirmation message prompts the user to continue, and if no user action, Microsoft Edge kiosk mode resets after 30 seconds. Resetting to the configured start experience deletes the current user’s browsing data.

You must set the Configure kiosk mode policy to enabled (1 - InPrivate public browsing) and configure Microsoft Edge as a single-app in assigned access for this policy to take effect; otherwise, Microsoft Edge ignores this setting. To learn more about assigned access and kiosk configuration, see Configure kiosk and shared devices running Windows desktop editions.

Supported values

  • Any integer from 1-1440 (5 minutes is the default) – The time in minutes from the last user activity before Microsoft Edge kiosk mode resets to the default kiosk configuration. A confirmation dialog displays for the user to cancel or continue and automatically continues after 30 seconds.

  • 0 – No idle timer.

ADMX info and settings

ADMX info

  • GP English name: Configure kiosk reset after idle timeout
  • GP name: ConfigureKioskResetAfterIdleTimeout
  • GP element: ConfigureKioskResetAfterIdleTimeout_TextBox
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureKioskResetAfterIdleTimeout
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskResetAfterIdleTimeout
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\KioskMode
  • Value name:ConfigureKioskResetAfterIdleTimeout
  • Value type: REG_DWORD

Configure kiosk mode: Configure how Microsoft Edge behaves when it’s running in kiosk mode with assigned access, either as a single-app or as one of many apps running on the kiosk device. You can control whether Microsoft Edge runs InPrivate full screen, InPrivate multi-tab with a tailored experience for kiosks, or normal browsing in Microsoft Edge.

Deploy Microsoft Edge kiosk mode: Microsoft Edge kiosk mode works with assigned access to allow IT administrators, to create a tailored browsing experience designed for kiosk devices. In this deployment guidance, you learn about the different Microsoft Edge kiosk mode types to help you determine what configuration is best suited for your kiosk device. You also learn about the other group policies to help you enhance the how to set up your Microsoft Edge kiosk mode experience.


Configure Open Microsoft Edge With

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled (A specific page or pages)

By default, Microsoft Edge loads a specific page or pages defined in the Configure Start Pages policy and allow users to make changes. With this policy, you can configure Microsoft Edge to load either the Start page, New Tab page, previously opened pages. You can also configure Microsoft Edge to prevent users from changing or customizing the Start page. For this policy to work correctly, you must also configure the Configure Start Pages. If you want to prevent users from making changes, don’t configure the Disable Lockdown of Start Pages policy.

Version 1703 or later:
If you don't want to send traffic to Microsoft, use the <about:blank> value, which honors both domain and non domain-joined devices when it's the only configured URL.

version 1809:
When you enable this policy (Configure Open Microsoft Edge With) and select an option, and also enable the Configure Start Pages policy, Microsoft Edge ignores the Configure Start Page policy.

Supported values

Group Policy MDM Registry Description
Not configured Blank Blank If you don't configure this policy and you enable the Disable Lockdown of Start Pages policy, users can change or customize the Start page.
Enabled 0 0 Load the Start page.
Enabled 1 1 Load the New Tab page.
Enabled 2 2 Load the previous pages.
Enabled
(default)
3 3 Load a specific page or pages.

Tip

If you want to make changes to this policy:

  1. Set the Disabled Lockdown of Start Pages policy to not configured.
  2. Make changes to the Configure Open Microsoft With policy.
  3. Enable the Disabled Lockdown of Start Pages policy.

ADMX info and settings

ADMX info

  • GP English name: Configure Open Microsoft Edge With
  • GP name: ConfigureOpenMicrosoftEdgeWith
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ConfigureOpenEdgeWith
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ConfigureOpenEdgeWith
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: ConfigureOpenEdgeWith
  • Value type: REG_DWORD
  • Configure Start pages: By default, Microsoft Edge loads the pages specified in App settings as the default Start pages. With this policy, you can configure one or more Start pages when you enable this policy and enable the Configure Open Microsoft Edge With policy. Once you set the Start pages, either in this policy or Configure Open Microsoft Edge With policy, users cannot make changes.

  • Disable lockdown of Start pages: By default, the Start pages configured in either the Configure Start Pages policy or Configure Open Microsoft Edge policies cannot be changed and remain locked down. Enabling this policy unlocks the Start pages, and lets users make changes to either all configured Start page or any Start page configured with the Configure Start pages policy.


Configure Password Manager

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled (Allowed/users can change the setting)

By default, Microsoft Edge uses Password Manager automatically, allowing users to manager passwords locally. Disabling this policy restricts Microsoft Edge from using Password Manager. Don’t configure this policy if you want to let users choose to save and manage passwords locally using Password Manager.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured Blank Blank Users can choose to save and manage passwords locally.
Disabled 0 no Not allowed. Most restricted value
Enabled
(default)
1 yes Allowed.

Verify not allowed/disabled settings:

  1. Click or tap More (…) and select Settings > View Advanced settings.
  2. Verify the settings Save Password is toggled off or on and is greyed out.

ADMX info and settings

ADMX info

  • GP English name: Configure Password Manager
  • GP name: AllowPasswordManager
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowPasswordManager
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowPasswordManager
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: FormSuggest Passwords
  • Value type: REG_SZ

Configure Pop-up Blocker

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled (Turned off)

By default, Microsoft Edge turns off Pop-up Blocker, which opens pop-up windows. Enabling this policy turns on Pop-up Blocker preventing pop-up windows from opening. If you want users to choose to use Pop-up Blocker, don’t configure this policy.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured Blank Blank Users can choose to use Pop-up Blocker.
Disabled
(default)
0 0 Turned off. Allow pop-up windows to open.
Enabled 1 1 Turned on. Prevent pop-up windows from opening. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Configure Pop-up Blocker
  • GP name: AllowPopups
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowPopups
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowPopups
  • Data type: Integer

Registry

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: AllowPopups
  • Value type: REG_SZ

Configure search suggestions in Address bar

Supported versions: Microsoft Edge on Windows 10
Default setting: Not configured (Blank)

By default, users can choose to see search suggestions in the Address bar of Microsoft Edge. Disabling this policy hides the search suggestions and enabling this policy shows the search suggestions.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured
(default)
Blank Blank Users can choose to see search suggestions.
Disabled 0 0 Prevented. Hide the search suggestions. Most restricted value
Enabled 1 1 Allowed. Show the search suggestions.

ADMX info and settings

ADMX info

  • GP English name: Configure search suggestions in Address bar
  • GP name: AllowSearchSuggestionsinAddressBar
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowSearchSuggestionsinAddressBar
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowSearchSuggestionsinAddressBar
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\SearchScopes
  • Value name: ShowSearchSuggestionsGlobal
  • Value type: REG_DWORD

Configure Start pages

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Blank or not configured (Load pages specified in App settings)

By default, Microsoft Edge loads the pages specified in App settings as the default Start pages. With this policy, you can configure one or more Start pages when you enable this policy and enable the Configure Open Microsoft Edge With policy. Once you set the Start pages, either in this policy or Configure Open Microsoft Edge With policy, users cannot make changes.

Supported values

Group Policy MDM Registry Description
Not configured Blank Blank Load the pages specified in App settings as the default Start pages.
Enabled String String Enter the URLs of the pages you want to load as the Start pages, separating each page using angle brackets:

    <support.contoso.com><support.microsoft.com>

Version 1703 or later:
If you do not want to send traffic to Microsoft, use the <about:blank> value, which honors both domain and non-domain-joined devices when it's the only configured URL.

Version 1809:
When you enable the Configure Open Microsoft Edge With policy with any option selected, and you enable the Configure Start Pages policy, the Configure Open Microsoft Edge With policy takes precedence, ignoring the Configure Start Pages policy.


ADMX info and settings

ADMX info

  • GP English name: Configure Start pages
  • GP name: HomePages
  • GP element: HomePagesPrompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/HomePages
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/HomePages
  • Data type: String

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: ProvisionedHomePages
  • Value type: REG_SZ
  • Disable Lockdown of Start Pages: By default, the Start pages configured in either the Configure Start Pages policy or Configure Open Microsoft Edge policies cannot be changed and remain locked down. Enabling this policy unlocks the Start pages, and lets users make changes to either all configured Start page or any Start page configured with the Configure Start pages policy.

  • Configure Open Microsoft Edge With: By default, Microsoft Edge loads a specific page or pages defined in the Configure Start Pages policy and allow users to make changes. With this policy, you can configure Microsoft Edge to load either the Start page, New Tab page, previously opened pages. You can also configure Microsoft Edge to prevent users from changing or customizing the Start page. For this policy to work correctly, you must also configure the Configure Start Pages. If you want to prevent users from making changes, don’t configure the Disable Lockdown of Start Pages policy.


Configure the Adobe Flash Click-to-Run setting

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Enabled or not configured (Does not load content automatically)

Microsoft Edge supports Adobe Flash as a built-in feature rather than as an external add-on and updates automatically via Windows Update. By default, Microsoft Edge prevents Adobe Flash content from loading automatically, requiring action from the user, for example, clicking the Click-to-Run button. Depending on how often the content loads and runs, the sites for the content gets added to the auto-allowed list. Disable this policy if you want Adobe Flash content to load automatically.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled 0 0 Load and run Adobe Flash content automatically.
Enabled or not configured
(default)
1 1 Do not load or run Adobe Flash content and require action from the user. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Configure the Adobe Flash Click-to-Run setting
  • GP name: AllowFlashClickToRun
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowFlashClickToRun
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowFlashClickToRun
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Security
  • Value name: FlashClickToRunMode
  • Value type: REG_DWORD

Configure the Enterprise Mode Site List

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled or not configured

Microsoft Edge does not support ActiveX controls, Browser Helper Objects, VBScript, or other legacy technology. If you have sites or apps that use this technology, you can configure Microsoft Edge to check the Enterprise Mode Site List XML file that lists the sites and domains with compatibility issues and switch to IE11 automatically. You can use the same site list for both Microsoft Edge and IE11, or you can use separate lists. By default, Microsoft Edge ignores the Enterprise Mode and the Enterprise Mode Site List XML file. In this case, users might experience problems while using legacy apps. These sites and domains must be viewed using Internet Explorer 11 and Enterprise Mode.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
0 0 Turned off. Microsoft Edge does not check the Enterprise Mode Site List, and in this case, users might experience problems while using legacy apps.
Enabled 1 1 Turned on. Microsoft Edge checks the Enterprise Mode Site List if configured. If an XML file exists in the cache container, IE11 waits 65 seconds and then checks the local cache for a new version from the server. If the server has a different version, Microsoft Edge uses the server file and stores it in the cache container. If you already use a site list, Enterprise Mode continues to work during the 65 seconds, but uses the existing file. To add the location to your site list, enter it in the {URI} box.

For details on how to configure the Enterprise Mode Site List, see Interoperability and enterprise guidance.


ADMX info and settings

ADMX info

  • GP English name: Configure the Enterprise Mode Site List
  • GP name: EnterpriseModeSiteList
  • GP element: EnterSiteListPrompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/EnterpriseModeSiteList
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/EnterpriseModeSiteList
  • Data type: String

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main\EnterpriseMode
  • Value name: SiteList
  • Value type: REG_SZ

Show message opening sites in IE: Microsoft Edge does not show a notification before opening sites in Internet Explorer 11. However, with this policy, you can configure Microsoft Edge to display a notification before a site opens in IE11 or let users continue in Microsoft Edge. If you want users to continue in Microsoft Edge, enable this policy to show the Keep going in Microsoft Edge link in the notification. For this policy to work correctly, you must also enable the Configure the Enterprise Mode Site List or Send all intranet sites to Internet Explorer 11, or both.

  • Use Enterprise Mode to improve compatibility. If you have specific websites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the websites automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work correctly with Microsoft Edge, you can set all intranet sites to open using IE11 automatically. Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.

  • Use the Enterprise Mode Site List Manager. You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain paths and to specify whether the site renders using Enterprise Mode or the default mode.

  • Enterprise Mode for Internet Explorer 11. Learn how to set up and use Enterprise Mode and the Enterprise Mode Site List Manager in your company.

  • Enterprise Mode and the Enterprise Mode Site List. Internet Explorer and Microsoft Edge can work together to support your legacy web apps, while still defaulting to the higher bar for security and modern experiences enabled by Microsoft Edge. Working with multiple browsers can be difficult, particularly if you have a substantial number of internal sites. To help manage this dual-browser experience, we are introducing a new web tool targeted explicitly towards larger organizations: the Enterprise Mode Site List Portal.

  • Enterprise Mode and the Enterprise Mode Site List XML file. The Enterprise Mode Site List is an XML document that specifies a list of sites, their compat mode, and their intended browser. When you use the Enterprise Mode Site List Manager schema v.2, you can automatically start a webpage using a specific browser. In the case of IE11, the webpage can also launch in a specific compat mode, so it always renders correctly. Your users can quickly view this site list by typing about:compat in either Microsoft Edge or IE11.


Configure Windows Defender SmartScreen

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled (Turned on)

Microsoft Edge uses Windows Defender SmartScreen (turned on) to protect users from potential phishing scams and malicious software by default. Also, by default, users cannot disable (turn off) Windows Defender SmartScreen. Enabling this policy turns off Windows Defender SmartScreen and prevent users from turning it on. Don’t configure this policy to let users choose to turn Windows defender SmartScreen on or off.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured Blank Blank Users can choose to use Windows Defender SmartScreen.
Disabled 0 0 Turned off. Do not protect users from potential threats and prevent users from turning it on.
Enabled 1 1 Turned on. Protect users from potential threats and prevent users from turning it off. Most restricted value

To verify Windows Defender SmartScreen is turned off (disabled):

  1. Click or tap More (…) and select Settings > View Advanced settings.
  2. Verify the setting Help protect me from malicious sites and download with SmartScreen Filter is disabled.

    Verify that Windows Defender SmartScreen is turned off (disabled)

ADMX info and settings

ADMX info

  • GP English name: Configure Windows Defender SmartScreen
  • GP name: AllowSmartScreen
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/AllowSmartScreen
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter
  • Value name: EnabledV9
  • Value type: REG_DWORD

Disable lockdown of Start pages

Supported versions: Microsoft Edge on Windows 10
Default setting: Enabled (Start pages are not editable)

By default, the Start pages configured in either the Configure Start Pages policy or Configure Open Microsoft Edge policies cannot be changed and remain locked down. Enabling this policy unlocks the Start pages, and lets users make changes to either all configured Start page or any Start page configured with the Configure Start pages policy.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured 0 0 Locked. Start pages configured in either the Configure Open Microsoft Edge With policy and Configure Start Pages policy are not editable. Most restricted value
Enabled 1 1 Unlocked. Users can make changes to all configured start pages.

When you enable this policy and define a set of URLs in the Configure Start Pages policy, Microsoft Edge uses the URLs defined in the Configure Open Microsoft Edge With policy.


ADMX info and settings

ADMX info

  • GP English name: Disable lockdown of Start pages
  • GP name: DisableLockdownOfStartPages
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/DisableLockdownOfStartPages
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/DisableLockdownOfStartPages
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: DisableLockdownOfStartPages
  • Value type: REG_SZ
  • Configure Start pages: By default, Microsoft Edge loads the pages specified in App settings as the default Start pages. With this policy, you can configure one or more Start pages when you enable this policy and enable the Configure Open Microsoft Edge With policy. Once you set the Start pages, either in this policy or Configure Open Microsoft Edge With policy, users cannot make changes.

  • Configure Open Microsoft Edge With: By default, Microsoft Edge loads a specific page or pages defined in the Configure Start Pages policy and allow users to make changes. With this policy, you can configure Microsoft Edge to load either the Start page, New Tab page, previously opened pages. You can also configure Microsoft Edge to prevent users from changing or customizing the Start page. For this policy to work correctly, you must also configure the Configure Start Pages. If you want to prevent users from making changes, don’t configure the Disable Lockdown of Start Pages policy.

Microsoft browser extension policy: This document describes the supported mechanisms for extending or modifying the behavior or user experience of Microsoft Edge and Internet Explorer or the content displayed by these browsers. Any technique not explicitly listed in this document is considered unsupported.


Do not sync

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled or not configured (Allowed/turned on)

By default, Microsoft Edge turns on the Sync your settings toggle in Settings > Device sync settings letting users choose what to sync on their devices. Enabling this policy turns off and disables the Sync your settings toggle preventing the syncing of user’s settings between their devices. If you want syncing turned off by default in Microsoft Edge but not disabled, enable this policy and select the Allow users to turn syncing on option.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed/turned on. Users can choose what to sync to their device.
Enabled 2 2 Prevented/turned off. Disables the Sync your Settings toggle and prevents syncing. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Do not sync
  • GP name: AllowSyncMySettings
  • GP path: Windows Components/Sync your settings
  • GP ADMX file name: SettingSync.admx

MDM settings

  • MDM name: Experience/AllowSyncMySettings
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Experience/AllowSyncMySettings
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\Windows\SettingSync
  • Value name: DisableSettingSyn
  • Value type: REG_DWORD

About sync setting on Microsoft Edge on Windows 10 devices: Learn about what settings are synced.


Do not sync browser settings

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled or not configured (Allowed/turned on)

By default, the “browser” group syncs automatically between user’s devices and allowing users to choose to make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites. Enabling this policy prevents the “browser” group from using the Sync your Settings option. If you want syncing turned off by default but not disabled, select the Allow users to turn “browser” syncing option.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
0 0 Allowed/turned on. The “browser” group syncs automatically between user’s devices and lets users to make changes.
Enabled 2 2 Prevented/turned off. The “browser” group does not use the Sync your Settings option.

ADMX info and settings

ADMX info

  • GP English name: Do not sync browser settings
  • GP name: DisableWebBrowserSettingSync
  • GP path: Windows Components/Sync your settings
  • GP ADMX file name: SettingSync.admx

MDM settings

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\Windows\SettingSync
  • Value name: DisableWebBrowserSettingSyncUserOverride
  • **Value

Prevent users from turning on browser syncing: By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. With this policy, though, you can prevent the “browser” group from syncing and prevent users from turning on the Sync your Settings toggle in Settings. If you want syncing turned off by default but not disabled, select the Allow users to turn “browser” syncing option in the Do not sync browser policy. For this policy to work correctly, you must enable the Do not sync browser policy.

About sync setting on Microsoft Edge on Windows 10 devices


Keep favorites in sync between Internet Explorer and Microsoft Edge

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Disabled or not configured (Turned off/not syncing)

By default, Microsoft Edge does not sync the user’s favorites between IE and Microsoft Edge. Enabling this policy syncs favorites between Internet Explorer and Microsoft Edge. Changes to favorites in one browser reflect in the other, including additions, deletions, modifications, and ordering of favorites.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Turned off/not syncing
Enabled 1 1 Turned on/syncing Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Keep favorites in sync between Internet Explorer and Microsoft Edge
  • GP name: SyncFavoritesBetweenIEAndMicrosoftEdge
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/SyncFavoritesBetweenIEAndMicrosoftEdge
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/SyncFavoritesBetweenIEAndMicrosoftEdge
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: SyncFavoritesBetweenIEAndMicrosoftEdge
  • Value type: REG_DWORD

Prevent access to the about:flags page

Supported versions: Microsoft Edge on Windows 10, version 1607 or later
Default setting: Disabled or not configured (Allowed)

By default, users can access the about:flags page in Microsoft Edge, which is used to change developer settings and enable experimental features. Enabling this policy prevents users from accessing the about:flags page.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed
Enabled 1 1 Prevented Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent access to the about:flags page in Microsoft Edge
  • GP name: PreventAccessToAboutFlagsInMicrosoftEdge
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventAccessToAboutFlagsInMicrosoftEdge
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventAccessToAboutFlagsInMicrosoftEdge
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: PreventAccessToAboutFlagsInMicrosoftEdge
  • Value type: REG_DWORD

Prevent bypassing Windows Defender SmartScreen prompts for files

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Disabled or not configured (Allowed/turned off)

By default, Microsoft Edge allows users to bypass (ignore) the Windows Defender SmartScreen warnings about potentially malicious files, allowing them to continue downloading the unverified file(s). Enabling this policy prevents users from bypassing the warnings, blocking them from downloading of the unverified file(s).

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed/turned off. Users can ignore the warning and continue to download the unverified file(s).
Enabled 1 1 Prevented/turned on. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent bypassing Windows Defender SmartScreen prompts for files
  • GP name: PreventSmartScreenPromptOverrideForFiles
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventSmartScreenPromptOverrideForFiles
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter
  • Value name: PreventOverrideAppRepUnknown
  • Value type: REG_DWORD

Prevent bypassing Windows Defender SmartScreen prompts for sites

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Disabled or not configured (Allowed/turned off)

By default, Microsoft Edge allows users to bypass (ignore) the Windows Defender SmartScreen warnings about potentially malicious sites, allowing them to continue to the site. With this policy though, you can configure Microsoft Edge to prevent users from bypassing the warnings, blocking them from continuing to the site.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed/turned off. Users can ignore the warning and continue to the site.
Enabled 1 1 Prevented/turned on. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent bypassing Windows Defender SmartScreen prompts for sites
  • GP name: PreventSmartscreenPromptOverride
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventSmartscreenPromptOverride
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter
  • Value name: PreventOverride
  • Value type: REG_DWORD

Prevent certificate error overrides

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Allowed/turned off)

Microsoft Edge, by default, allows overriding of the security warnings to sites that have SSL errors, bypassing or ignoring certificate errors. Enabling this policy prevents overriding of the security warnings.

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed/turned on. Override the security warning to sites that have SSL errors.
Enabled 1 1 Prevented/turned on. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent certificate error overrides
  • GP name: PreventCertErrorOverrides
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventCertErrorOverrides
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventCertErrorOverrides
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Setting
  • Value name: PreventCertErrorOverrides
  • Value type: REG_DWORD

Prevent changes to Favorites on Microsoft Edge

Supported versions: Microsoft Edge on Windows 10, version 1709 or later
Default setting: Disabled or not configured (Allowed/not locked down)

By default, users can add, import, and make changes to the Favorites list in Microsoft Edge. Enabling this policy locks down the Favorites list in Microsoft Edge, preventing users from making changes. When enabled, Microsoft Edge turns off the Save a Favorite, Import settings, and context menu items, such as Create a new folder. Enable only this policy or the Keep favorites in sync between Internet Explorer and Microsoft Edge policy. If you enable both, Microsoft Edge prevents users from syncing their favorites between the two browsers.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed/unlocked. Users can add, import, and make changes to the Favorites list.
Enabled 1 1 Prevented/locked down. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent changes to Favorites on Microsoft Edge
  • GP name: LockdownFavorites
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/LockdownFavorites
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/LockdownFavorites
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Favorites
  • Value name: LockdownFavorites
  • Value type: REG_DWORD

Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Disabled or not configured (Collect and send)

By default, Microsoft Edge collects the Live Tile metadata and sends it to Microsoft to help provide users a complete experience when they pin Live Tiles to the Start menu. However, with this policy, you can configure Microsoft Edge to prevent Microsoft from collecting Live Tile metadata, providing users with a limited experience.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Collect and send Live Tile metadata.
Enabled 1 1 Do not collect data. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start
  • GP name: PreventLiveTileDataCollection
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventLiveTileDataCollection
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventLiveTileDataCollection
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: PreventLiveTileDataCollection
  • Value type: REG_DWORD

Prevent the First Run webpage from opening on Microsoft Edge

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Disabled or not configured (Allowed)

By default, when launching Microsoft Edge for the first time, the First Run webpage (a welcome page) hosted on Microsoft.com loads automatically via an FWLINK. The welcome page lists the new features and helpful tips of Microsoft Edge. With this policy, you can configure Microsoft Edge to prevent loading the welcome page on first explicit user-launch.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed. Load the First Run webpage.
Enabled 1 1 Prevented. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent the First Run webpage from opening on Microsoft Edge
  • GP name: PreventFirstRunPage
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventFirstRunPage
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventFirstRunPage
  • Data type: Integer

Registry

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: PreventFirstRunPage
  • Value type: REG_DWORD

Prevent turning off required extensions

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Allowed)

Microsoft Edge allows users to uninstall extensions by default. Enabling this policy prevents users from uninstalling extensions but lets them configure options for extensions defined in this policy, such as allowing InPrivate browsing. Any additional permissions requested by future updates of the extension gets granted automatically. If you enabled this policy and now you want to disable it, the list of extension package family names (PFNs) defined in this policy get ignored after disabling this policy.

Supported values

Group Policy Description
Disabled or not configured
(default)
Allowed. Users can uninstall extensions. If you previously enabled this policy and you decide to disable it, the list of extension PFNs defined in this policy get ignored.
Enabled Provide a semi-colon delimited list of extension PFNs. For example, adding the following OneNote Web Clipper and Office Online extension prevents users from turning it off:

Microsoft.OneNoteWebClipper8wekyb3d8bbwe;Microsoft.OfficeOnline8wekyb3d8bbwe

After defining the list of extensions, you deploy them through any available enterprise deployment channel, such as Microsoft Intune.

Removing extensions from the list does not uninstall the extension from the user’s computer automatically. To uninstall the extension, use any available enterprise deployment channel. If you enable the Allow Developer Tools policy, then this policy does not prevent users from debugging and altering the logic on an extension.


ADMX info and settings

ADMX info

  • GP English name: Prevent turning off required extensions
  • GP name: PreventTurningOffRequiredExtensions
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Extensions
  • Value name: PreventTurningOffRequiredExtensions
  • Value type: REG_SZ

Allow Developer Tools: Microsoft Edge allows users to use the F12 developer tools to build and debug web pages by default. With this policy, you can configure Microsoft Edge to prevent users from using the F12 developer tools.


Prevent users from turning on browser syncing

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Enabled or not configured (Prevented/turned off)

By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. With this policy, though, you can prevent the “browser” group from syncing and prevent users from turning on the Sync your Settings toggle in Settings. If you want syncing turned off by default but not disabled, select the Allow users to turn “browser” syncing option in the Do not sync browser policy. For this policy to work correctly, you must enable the Do not sync browser policy.

Supported values

Group Policy MDM Registry Description
Disabled 0 0 Allowed/turned on. Users can sync the browser settings.
Enabled or not configured
(default)
1 1 Prevented/turned off.

ADMX info and settings

ADMX info

  • GP English name: Prevent users from turning on browser syncing
  • GP name: PreventUsersFromTurningOnBrowserSyncing
  • GP path: Windows Components/Sync your settings
  • GP ADMX file name: SettingSync.admx

MDM settings

  • MDM name: Experience/PreventUsersFromTurningOnBrowserSyncing
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Experience/PreventUsersFromTurningOnBrowserSyncing
  • Data type: String

Do not sync browser settings: By default, the “browser” group syncs automatically between user’s devices and allowing users to choose to make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites. Enabling this policy prevents the “browser” group from using the Sync your Settings option. If you want syncing turned off by default but not disabled, select the Allow users to turn “browser” syncing option..

About sync setting on Microsoft Edge on Windows 10 devices


Prevent using Localhost IP address for WebRTC

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Disabled or not configured (Allowed/show localhost IP addresses)

By default, Microsoft Edge shows localhost IP address while making calls using the WebRTC protocol. Enabling this policy hides the localhost IP addresses.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 Allowed. Show localhost IP addresses.
Enabled 1 1 Prevented. Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Prevent using Localhost IP address for WebRTC
  • GP name: HideLocalHostIPAddress
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/PreventUsingLocalHostIPAddressForWebRTC
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/PreventUsingLocalHostIPAddressForWebRTC
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: HideLocalHostIPAddress
  • Value type: REG_DWORD

Provision Favorites

Supported versions: Microsoft Edge on Windows 10, version 1511 or later
Default setting: Disabled or not configured (Customizable)

By default, users can customize the Favorites list in Microsoft Edge. With this policy though, you provision a standard list of favorites, which can include folders, to appear in the Favorites list in addition to the user’s favorites. Edge. Once you provision the Favorites list, users cannot customize it, such as adding folders for organizing, and adding or removing any of the favorites configured.

Important

Enable only this policy or the Keep favorites in sync between Internet Explorer and Microsoft Edge policy. If you enable both, Microsoft Edge prevents users from syncing their favorites between the two browsers.

Supported values

Group Policy Description Most restricted
Disabled or not configured
(default)
Users can customize the favorites list, such as adding folders, or adding and removing favorites.
Enabled Define a default list of favorites in Microsoft Edge. In this case, the Save a Favorite, Import settings, and context menu options (such as Create a new folder) are turned off.

To define a default list of favorites, do the following:

  1. In the upper-right corner of Microsoft Edge, click the ellipses (...) and select Settings.
  2. Click Import from another browser, click Export to file and save the file.
  3. In the Options section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. Specify the URL as:
    • HTTP location: "SiteList"=https://localhost:8080/URLs.html
    • Local network: "SiteList"="\network\shares\URLs.html"
    • Local file: "SiteList"=file:///c:/Users/Documents/URLs.html
Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Provision Favorites
  • GP name: ConfiguredFavorites
  • GP element: ConfiguredFavoritesPrompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/ProvisionFavorites
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/ProvisionFavorites
  • Data type: String

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Favorites
  • Value name: ConfiguredFavorites
  • Value type: REG_SZ

Keep favorites in sync between Internet Explorer and Microsoft Edge: By default, Microsoft Edge does not sync the user’s favorites between IE and Microsoft Edge. Enabling this policy syncs favorites between Internet Explorer and Microsoft Edge. Changes to favorites in one browser reflect in the other, including additions, deletions, modifications, and ordering of favorites.


Send all intranet sites to Internet Explorer 11

Supported versions: Microsoft Edge on Windows 10
Default setting: Disabled or not configured

By default, all websites, including intranet sites, open in Microsoft Edge automatically. Only enable this policy if there are known compatibility problems with Microsoft Edge. Enabling this policy loads only intranet sites in Internet Explorer 11 automatically.

Tip

Microsoft Edge does not support ActiveX controls, Browser Helper Objects, VBScript, or other legacy technology. If you have websites or web apps that still use this technology and needs IE11 to run, you can add them to the Enterprise Mode site list, using Enterprise Mode Site List Manager.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 All sites, including intranet sites, open in Microsoft Edge automatically. Most restricted value
Enabled 1 1 Only intranet sites open in Internet Explorer 11 automatically.

Enabling this policy opens all intranet sites in IE11 automatically, even if the users have Microsoft Edge as their default browser.

  1. In Group Policy Editor, navigate to:

    Computer Configuration\Administrative Templates\Windows Components\File Explorer\Set a default associations configuration file

  2. Click Enable and then refresh the policy to view the affected sites in Microsoft Edge.

    A message opens stating that the page needs to open in IE. At the same time, the page opens in IE11 automatically; in a new frame if it is not yet running, or in a new tab.


ADMX info and settings

ADMX info

  • GP English name: Send all intranet sites to Internet Explorer 11
  • GP name: SendIntranetTraffictoInternetExplorer
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/SendIntranetTraffictoInternetExplorer
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/SendIntranetTraffictoInternetExplorer
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: SendIntranetTraffictoInternetExplorer
  • Value type: REG_DWORD
  • Configure the Enterprise Mode Site List: Microsoft Edge does not support ActiveX controls, Browser Helper Objects, VBScript, or other legacy technology. If you have sites or apps that use this technology, you can configure Microsoft Edge to check the Enterprise Mode Site List XML file that lists the sites and domains with compatibility issues and switch to IE11 automatically. You can use the same site list for both Microsoft Edge and IE11, or you can use separate lists. By default, Microsoft Edge ignores the Enterprise Mode and the Enterprise Mode Site List XML file. In this case, users might experience problems while using legacy apps. These sites and domains must be viewed using Internet Explorer 11 and Enterprise Mode.

  • Show message when opening sites in Internet Explorer: Microsoft Edge does not show a notification before opening sites in Internet Explorer 11. However, with this policy, you can configure Microsoft Edge to display a notification before a site opens in IE11 or let users continue in Microsoft Edge. If you want users to continue in Microsoft Edge, enable this policy to show the Keep going in Microsoft Edge link in the notification. For this policy to work correctly, you must also enable the Configure the Enterprise Mode Site List or Send all intranet sites to Internet Explorer 11, or both.

  • Blog: How Microsoft Edge and Internet Explorer 11 on Windows 10 work better together in the Enterprise. Many customers depend on legacy features only available in older versions of Internet Explorer and are familiar with our Enterprise Mode tools for IE11. The Enterprise Mode has been extended to support to Microsoft Edge by opening any site specified on the Enterprise Mode Site List in IE11. IT Pros can use their existing IE11 Enterprise Mode Site List, or they can create a new one specifically for Microsoft Edge. By keeping Microsoft Edge as the default browser in Windows 10 and only opening legacy line of business sites in IE11 when necessary, you can help keep newer development projects on track, using the latest web standards on Microsoft Edge.

  • Enterprise Mode for Internet Explorer 11 (IE11). Learn how to set up and use Enterprise Mode and the Enterprise Mode Site List Manager in your company.

  • Use the Enterprise Mode Site List Manager. You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain paths and to specify whether the site renders using Enterprise Mode or the default mode.


Set default search engine

Supported versions: Microsoft Edge on Windows 10, version 1703 or later
Default setting: Not configured (Defined in App settings)

By default, Microsoft Edge uses the search engine specified in App settings, letting users make changes at any time unless the Allow search engine customization policy is disabled, which restricts users from making changes. With this policy, you can either remove or use the policy-set search engine. When you remove the policy-set search engine, Microsoft Edge uses the specified search engine for the market, which lets users make changes to the default search engine. You can use the policy-set search engine specified in the OpenSearch XML, which prevents users from making changes.

Supported values

Group Policy MDM Registry Description Most restricted
Not configured
(default)
Blank Blank Use the search engine specified in App settings. If you don't configure this policy and disable the Allow search engine customization policy, users cannot make changes.
Disabled 0 0 Remove or don't use the policy-set search engine and use the search engine for the market, letting users make changes.
Enabled 1 1 Use the policy-set search engine specified in the OpenSearch XML file, preventing users from making changes.

Specify a link to the OpenSearch XML file that contains, at a minimum, the short name and the URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see Search provider discovery. Use this format to specify the link you want to add.

If you want your users to use the default Microsoft Edge settings for each market, then set the string to EDGEDEFAULT.

If you would like your users to use Microsoft Bing as the default search engine, then set the string to EDGEBING.

Most restricted value

ADMX info and settings

ADMX info

  • GP English name: Set default search engine
  • GP name: SetDefaultSearchEngine
  • GP element: SetDefaultSearchEngine_Prompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: SetDefaultSearchEngine
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/SetDefaultSearchEngine
  • Data type: Integer

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\OpenSearch
  • Value name: SetDefaultSearchEngine
  • Value type: REG_SZ
  • Configure additional search engines: By default, users cannot add, remove, or change any of the search engines in Microsoft Edge, but they can set a default search engine. You can set the default search engine using the Set default search engine policy. However, with this policy, you can configure up to five additional search engines and set any one of them as the default. If you previously enabled this policy and now want to disable it, disabling deletes all configured search engines.

  • Allow search engine customization: By default, users can add new search engines or change the default search engine, in Settings. With this policy, you can prevent users from customizing the search engine in Microsoft Edge.

  • Microsoft browser extension policy: This document describes the supported mechanisms for extending or modifying the behavior or user experience of Microsoft Edge and Internet Explorer or the content displayed by these browsers. Any technique not explicitly listed in this document is considered unsupported.

  • Search provider discovery: The Microsoft Edge address bar uses rich search integration, including search suggestions, results from the web, your browsing history, and favorites.


Set Home Button URL

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Blank)

By default, Microsoft Edge shows the home button and loads the Start page, and locks down the home button to prevent users from changing what page loads. Enabling this policy loads a custom URL for the home button. When you enable this policy, and enable the Configure Home Button policy with the Show home button & set a specific page option selected, a custom URL loads when the user clicks the home button.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
Blank Blank Show the home button, load the Start pages, and lock down the home button to prevent users from changing what page loads.
Enabled - String String String Enter a URL in string format, for example, https://www.msn.com.

For this policy to work, you must also enable the Configure Home Button policy and select the Show home button & set a specific page option.


ADMX info and settings

ADMX info

  • GP English name: Set Home Button URL
  • GP name: SetHomeButtonURL
  • GP element: SetHomeButtonURLPrompt
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/SetHomeButtonURL
  • Supported devices: Desktop and Mobile
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/SetHomeButtonURL
  • Data type: String

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: ConfigureHomeButtonURL
  • Value type: REG_SZ
  • Configure Home Button: Microsoft Edge shows the home button and by clicking it the Start page loads by default. With this policy, you can configure the home button to load the New Tab page or a URL defined in the Set Home Button URL policy. You can also configure Microsoft Edge to hide the home button.

  • Unlock Home Button: By default, when you enable the Configure Home Button policy or provide a URL in the Set Home Button URL policy, Microsoft Edge locks down the home button to prevent users from changing the settings. When you enable this policy, users can make changes to the home button even if you enabled the Configure Home Button or Set Home Button URL policies.


Set New Tab page URL

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Blank)

Microsoft Edge loads the default New Tab page by default. Enabling this policy lets you set a New Tab page URL in Microsoft Edge, preventing users from changing it. When you enable this policy, and you disable the Allow web content on New Tab page policy, Microsoft Edge ignores any URL specified in this policy and opens about:blank.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
Blank Blank Load the default New Tab page.
Enabled - String String String Enter a URL in string format, for example, https://www.msn.com.

Enabling this policy prevents users from making changes.


ADMX info and settings

ADMX info

  • GP English name: Set New Tab page URL
  • GP name: SetNewTabPageURL
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/SetNewTabPageURL
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/SetNewTabPageURL
  • Data type: String

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: NewTabPageUR
  • Value type: REG_SZ

Allow web content on New Tab page: By default, Microsoft Edge loads the default New Tab page and lets the users make changes. If you disable this policy, a blank page loads instead of the New Tab page and prevents users from changing it.


Show message when opening sites in Internet Explorer

Supported versions: Microsoft Edge on Windows 10, version 1607 and later
Default setting: Disabled or not configured (No additional message)

Microsoft Edge does not show a notification before opening sites in Internet Explorer 11. However, with this policy, you can configure Microsoft Edge to display a notification before a site opens in IE11 or let users continue in Microsoft Edge. If you want users to continue in Microsoft Edge, enable this policy to show the Keep going in Microsoft Edge link in the notification. For this policy to work correctly, you must also enable the Configure the Enterprise Mode Site List or Send all intranet sites to Internet Explorer 11, or both.

Supported values

Group Policy MDM Registry Description Most restricted
Disabled or not configured
(default)
0 0 No additional message displays. Most restricted value
Enabled 1 1 Show an additional message stating that a site has opened in IE11.
Enabled 2 2 Show an additional message with a Keep going in Microsoft Edge link to allow users to open the site in Microsoft Edge.

ADMX info and settings

ADMX info

  • GP English name: Show message when opening sites in Internet Explorer
  • GP name: ShowMessageWhenOpeningSitesInInternetExplorer
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

Registry settings

  • Path: HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main
  • Value name: ShowMessageWhenOpeningSitesInInternetExplorer
  • Value type: REG_DWORD
  • Configure the Enterprise Mode Site List: Microsoft Edge does not support ActiveX controls, Browser Helper Objects, VBScript, or other legacy technology. If you have sites or apps that use this technology, you can configure Microsoft Edge to check the Enterprise Mode Site List XML file that lists the sites and domains with compatibility issues and switch to IE11 automatically. You can use the same site list for both Microsoft Edge and IE11, or you can use separate lists. By default, Microsoft Edge ignores the Enterprise Mode and the Enterprise Mode Site List XML file. In this case, users might experience problems while using legacy apps. These sites and domains must be viewed using Internet Explorer 11 and Enterprise Mode.

  • Send all intranet sites to Internet Explorer 11: By default, all websites, including intranet sites, open in Microsoft Edge automatically. Only enable this policy if there are known compatibility problems with Microsoft Edge. Enabling this policy loads only intranet sites in Internet Explorer 11 automatically.


Unlock Home Button

Supported versions: Microsoft Edge on Windows 10, version 1809
Default setting: Disabled or not configured (Home button is locked)

By default, when you enable the Configure Home Button policy or provide a URL in the Set Home Button URL policy, Microsoft Edge locks down the home button to prevent users from changing the settings. When you enable this policy, users can make changes to the home button even if you enabled the Configure Home Button or Set Home Button URL policies.

Supported values

Group Policy MDM Registry Description
Disabled or not configured
(default)
0 0 Locked, preventing users from making changes.
Enabled 1 1 Unlocked, letting users make changes.

ADMX info and settings

ADMX info

  • GP English name: Unlock Home Button
  • GP name: UnlockHomeButton
  • GP path: Windows Components/Microsoft Edge
  • GP ADMX file name: MicrosoftEdge.admx

MDM settings

  • MDM name: Browser/UnlockHomeButton
  • Supported devices: Desktop
  • URI full path: ./Vendor/MSFT/Policy/Config/Browser/UnlockHomeButton
  • Data type: Integer

Registry settings

  • Path: HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Internet Settings
  • Value name: UnlockHomeButton
  • Value type: REG_DWORD
  • Configure Home Button: Microsoft Edge shows the home button and by clicking it the Start page loads by default. With this policy, you can configure the home button to load the New Tab page or a URL defined in the Set Home Button URL policy. You can also configure Microsoft Edge to hide the home button.

  • Set Home Button URL: By default, Microsoft Edge shows the home button and loads the Start page, and locks down the home button to prevent users from changing what page loads. Enabling this policy loads a custom URL for the home button. When you enable this policy, and enable the Configure Home Button policy with the Show home button & set a specific page option selected, a custom URL loads when the user clicks the home button.