Hi,
Just wanted to know if it is possible to install google chrome extensions via bigfix.
We are actually looking to install the extension called IE tab but we are not able to figure out a way to do it.
Here is a link that was suppose to help us.
Hi,
Just wanted to know if it is possible to install google chrome extensions via bigfix.
We are actually looking to install the extension called IE tab but we are not able to figure out a way to do it.
Here is a link that was suppose to help us.
I have never done this myself, but am also interested in doing so.
I think doing this requires the use of GPO.
You can deploy Local GPO with BigFix which should work for this.
Have a look on the below action script which will be able to set the registry under Google Chrome Extention:
Action Script
// Set Registry Key under Google Chrome Extention
//OneLogin SSO Implementation: âEnableâ
regset â[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ioalpmibngobedobkmbhgmadaphocjdn]â âupdate_urlâ=âhttps://clients2.google.com/service/update2/crxâ
_Where: _
OneLogin for Google Chrome 3.3.6
ID: ioalpmibngobedobkmbhgmadaphocjdn
Relevance:
(not exist keys "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ioalpmibngobedobkmbhgmadaphocjdn" of x32 registry)
Once it gets deployed, Youâll get prompt in Chrome Browser to enable the plugin.
Hope this helpsâŚ!!
To expand on this⌠If wanting to implement this via BigFix with regset Action script, but as a policy, if possible, how would we account for ânext regkey in the sequenceâ. For example, if regkey â1â exists, create â2â.
This is automated when implementing via GPO, but wanted to ask if this is even feasible via action script.
You can try something like this to auto increment the number:
parameter "APPID"="nlbejmccbhkncgokjcmghpfloaajcffj"
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist]" "{(maximum of (names of values of it as string as integer) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist" of (registry)) + 1}"="{parameter "APPID"}"
Wow! That is so awesome! I was sure that wasnât possible.
Glad it works for you. The only issue that I can see, is if there is no values in the key yet. Iâve updated the action script to do that check and set the first value to the name of â1â if no values exist already.
// If exists values
if {exists values of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist" of (registry)}
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist]" "{(maximum of (names of values of it as string as integer) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist" of (registry)) + 1}"="{parameter "APPID"}"
else
// If no values exists add the first one as '1'
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallBlacklist]" "1"="{parameter "APPID"}"
endif
Some error checking just in case there is no valueâŚa good practice. Again, thank you.
This is a bit of a thread necro, but more than 1 of us at my company came across this thread when trying to figure out how to push out a Chrome extension with BigFix. The original suggestion from prabhu490730 above works rather inconsistently for some reason. I found a more reliable registry key to modify to accomplish this.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist
If you create a value in there with the same sort of data mentioned above (extension ID;update address) then it will force that install on target systems the next time they start Chrome. This has the added effect of preventing them from disabling or removing that extension. (unless they first delete that registry value) This is the same location that you can use via GPO to force install extensions. The tricky thing is that each value in there has to be named a number and you (probably) cannot have 2 identical ones in there. So, if youâre pushing out multiple extensions or some are being done via GPO and some via BigFix, you need a way to ensure youâre not overwriting the other.
Borrowing from dakotaâs posts above, Iâm using this to push out the Google Endpoint Verification extension (which is used by Google Cloud to view elements of the client OSâincluding only allowing access based on things like cert presence, etc)
Action Script
parameter "APPID"="callobklhcbilhphinckomhgkigmfocg;https://clients2.google.com/service/update2/crx"
// If exists values
if {exists values of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist" of (registry)}
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist]" "{(maximum of (names of values of it as string as integer) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist" of (registry)) + 1}"="{parameter "APPID"}"
else
// If no values exists add the first one as '1'
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist]" "1"="{parameter "APPID"}"
endif
Relevance
NOT exists value whose (it is "callobklhcbilhphinckomhgkigmfocg;https://clients2.google.com/service/update2/crx" as string) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist" of native registry