Skip to main content

Windows OS Onboarding: Part 3 - Configuration Profiles

  • Updated

KB-artical-page-Windows.png

How to Create Configuration Profiles

Sign in to the Microsoft Intune Admin Centre:

Configuration Profile:

  • Devices
  • Manage Devices drop-down
  • Configuration
  • Create
  • New Policy
WP3 img 1.png

On the Create Profile window, ensure the below are selected:

  • Platform: Windows 10 and later
  • Profile type: Settings catalog
  • Create
WP3 img 2.png

 

Basics

You will now be required to enter the profile details:

  • Name: Enter a descriptive name for the policy (e.g., Mobile Guardian Microsoft Edge Browser Settings).
  • Description: Enter a description for the policy (optional but recommended).
  • Click Next
WP3 img 3.png

 

Configuration settings

Here you would need to add the settings for the profile. 

  • Select Add Settings
WP3 img 4.png

In the Settings picker window, search and select the following settings:

  • Category:
    • Search for Microsoft Edge
  • Settings:
    • Search for and select: Browser sign-in settings (Device)
    • Search for and select: Configure whether a user always has a default profile automatically signed in with their work or school account
    • Search for and select: Control where developer tools can be used (User)
  • Once all three are selected, click the X button in the top right corner
WP3 img 5.png

 

WP3 img 6.png

 

WP3 img 7.png
  • Once the setting are added, ensure they are all set to Enabled
  • Control where developer tools can be used (User)
    • Set to Allow using the the developer tools
  • Browser sign-in settings (Device)
    • Set to  Force users to sign-in to the browser
ℹ️
Note
Developer tools should only be enabled for initial testing and disabled for student devices.

Select Next to move to the Scope Tags tab and select Next again, as you will not be required to make any changes. 

 

Assignments

Under the Included groups section 

  • Select Add groups
  • Select the group you want to apply the settings to (e.g., Students)
  • Select Next
WP3 img 8.png
WP3 img 9.png
WP3 img 10.png
WP3 img 11.png

 

Review and Create:

  • Review your settings and click Create.
WP3 img 12.png
  • Refresh the page to see your newly created configuration profile.
WP3 img 13.png

Creating a Configuration Profile for Managed Edge Extensions

Configuration Profile:

Create a new Profile as in the previous steps.

  • Devices
  • Manage Devices drop-down
  • Configuration
  • Create
  • New Policy

On the Create Profile window, ensure the below are selected:

  • Platform: Windows 10 and later
  • Profile type: Settings catalog
  • Create

Basics

  • Name: Enter a descriptive name for the policy (e.g., Mobile Guardian Managed Edge Chromium Extensions).
  • Description: Enter a description for the policy (optional but recommended).
  • Click Next
WP3 img 14.png

Configuration Settings

  • Select: Add settings

Search and select the following settings

  • Settings:
    • Control where developer tools can be used
    • Control which extensions are installed silently
WP3 img 15.png

 

WP3 img 16.png
  • Once all are selected, click the X button in the top right corner
  • Once the settings are added, ensure they are all set to Enaled
  • Control where developer tools can be used (Device)
    • Set to Allow using the the developer tools
  • Control where developer tools can be used (User)
    • Set to Allow using the the developer tools
ℹ️
Note
Developer tools should only be enabled for initial testing. It should be disabled everywhere for student devices

Configure Extensions

You will need App ID and URL found in your Intune Settings on the Mobile Guardian Dashboard. 

WP3 img 17.png
  • In the Extension/App ID field, enter your personalised App ID and URL
    • Ensure they are added and separated by a semicolon.
WP3 img 18.png

Select Next to move to the Scope Tags tab and select Next again, as you will not be required to make any changes. 

 

Assignments

Under the Included groups section 

  • Select Add groups
  • Select the group you want to apply the settings to (e.g., Students)
  • Select Next
WP3 img 19.png

 

Review and Create:

  • Review your settings and click Create.
WP3 img 20.png
  • Refresh the page to see your newly created configuration profile.
WP3 img 21.png

 

Device Setup

When signing onto the device with a student account. The configuration profile installs the Mobile Guardian extension on the Edge Browser. The extension calls the API to fetch updated or new details from Intune.

To add the user to the device, you or the user would need to add the account by navigating to:

  • Settings
  • Accounts
  • Access Work or School
  • Connect
  • Add the student's email and follow the prompts
ℹ️
Note
Once the process is completed, the extension will install. The device may require you to sign out and back in with an Azure student account or restart the device.

Once installed, the device will be added to your Mobile Guardian Dashboard.

ℹ️
Note
The process is the same as for a new device.

The device information will be added to your Microsoft Intune admin center as well. 

Navigate to:

  • Devices
  • All devices

To ensure the profile has been added to the Edge Browser and is in use. Your Edge Browser icon will display a briefcase on the icon

You may view the extension on the Extensions tab and will be able to pin the extension to the Edge Browser.

 

Please let us know if you found this helpful!

Thanks for reading! 🙂

Related articles