Recently I published a few articles related to the new Microsoft Edge Chromium browser. I described how to deploy and manage the new Edge browser and how to setup a Windows 10 kiosk device based on the new browser. But I didn`t describe in these articles how to set Edge Chromium as default browser on Windows 10, so let`s have a look how this can be done using Microsoft Intune.
Preparation
Setting Edge as default browser can be accomplished by associating the related file types and protocols to the Edge browser. Since Windows 10 1703 we have the option with Microsoft Intune to set default file type and protocol associations using Policy CSP. The policy and related information we need to configure this can be found on Microsoft Docs. Here we find a part of the OMA-URI (ApplicationDefaults/DefaultAssociationsConfiguration) we need in the Intune profile and is described how to create the input for that custom profile.
The steps we need to take to get this configured are:
- Set Edge Chromium as default browser
- From an elevated prompt, run “dism /online /export-defaultappassociations:appassoc.xml”
- Edit the XML file to your needs
- Take the XML output and put it through your favorite base64 encoder app
- Paste the base64 encoded XML into the Intune Custom Configuration profile
Make sure you have set Edge Chromium as default browser.
To generate the XML file with the app associations, open an elevated command prompt and run this command:
Dism /Online /Export-DefaultAppAssociations:”DefaultAssociationsConfiguration.xml”
Open the XML file with a text editor. Here you will find all kind of file type associations, remove the lines of all other file types. Only the four lines related to Edge, as shown below, are needed. Save the XML file.
The next step is to put the XML file in a base64 encoder. Just Google and you will find encoder like Base64 I used.
Put the content of the XML file in the first box and hit Encode.
We need the output later in the Custom Intune Configuration profile
Create a Custom configuration profile
To deploy settings using a Policy CSP, we need to create a Custom configuration profile in Microsoft Intune.
- Sign-in to the Endpoint Manager portal
- Browse to Devices – Windows
- On the Configuration Profiles tab click Create profile
- Give the configuration profile a Name
- Enter a Description (optional)
- Choose Windows 10 as Platform
- Choose Custom as Profile type
- Click the Settings tab
- Click Add
Enter below information to the policy;
Name: DefaultAssociationsConfiguration
OMA-URI: ./Vendor/MSFT/Policy/Config/ApplicationDefaults/DefaultAssociationsConfiguration
Data Type: String
Value: The output from the Base64 encoder
Click OK twice and click Create.
Assign the policy to a security group.
End-user experience
As soon as the new policy is synced to the Windows 10 device, it`s needs a reboot of the device before the configuration becomes active.
You can confirm if the setting is active in the Settings. In the Apps section, on the Default apps tab you will find Microsoft Edge set as default Web browser.
Wow, very cool. Thanks for sharing! How did you know to base64 encode the xml?
You`re welcome Stefan!
Don`t remember for sure, probably from another online article to set the default PDF Reader 🙂
Thank you peter. This is what I was looking for. I did in fact need not MS Edge/Chrome but Google Chrome itself as the default. The same exact steps are applied except to set the default as Google Chrome. I remember having to do something similar years back on an actual windows domain. I have no idea how you managed to piece together the conversion to base64, kudos for figuring that out! And I was also in the same predicament in a domain environment… needing to change the default PDF reader. PDF’s can be finicky. FYI this doesn’t just apply to the default browser. You can modify any other extension that dism outputs and change them to whatever you need. Top-notch article. Thank you again!
You`re welcome JZ!
Great to read the article is also helpful in your case even as you needed Chrome as default 🙂
Thanks a lot, very helpful :).
Great article. I have a question though, does this still apply if legacy Edge is configured in side by side mode? That is what I have configured and when this policy applies, the default web browser is set to Edge legacy. Any assistance is greatly appreciated. Thx
The side by side setting is for testing only, not supported for production as far as I know. I have seen more issues using this setting and would not recommend using it.
Hi
I have followed these steps and restart the end user computer but still default browser setting is not changed. Policy is applied successfully. Any hints??
At least make sure the XML is correct (and converted) and make sure the policy is successfully applied.
How if we need to set default browser in IOS device to google chrome?
Great article Peter!
I’m presuming that once you make Edge the default browser that it is now locked down by policy and is unable to be changed by the end user?
What I’m trying to do where at our company is that we have settled on Edge as our standard browser for the organization and are ‘encouraging’ as the default browser. So we want to do an announcement to that end and then do a one time push more or less to make it the default on the user’s machine, but still give the flexibility to allow the user to change it if desired.
Cheers,
Dan
I would like to have a script which sets edge as default browser as the settings you mentioned above does not let users to change the default browser to other browsers. After changing to other browser it sets back to Edge after reboot which is not my client’s requirement. Please help me with script. Thanks
Hello
Intune doesn’t seme to apply the policy, any suggestions? We are targeting a security group which contains 1x test server. – intune reports 1x not applicable