How to deploy Microsoft Edge Chromium stable version using Configuration Manager

On Jan 15th, 2020 Microsoft has officially launched new version of Microsoft edge browser based on chromium for windows and Mac OS. It is compatible with all supported versions of Windows, and with macOS.

It replaces the legacy version of Microsoft Edge on Windows 10 PCs. With speed, performance, best-in-class compatibility for websites and extensions, and built-in privacy and security features, it's the only browser you'll ever need.

As you already know , windows 7 support ended Jan 14th ,2020 however, Microsoft has made the new edge browser available for windows 7.

If you want to download the new Microsoft Edge based on chromium for windows 7, windows 8.1 and windows 10 and Mac OS, please visit https://www.microsoft.com/en-us/edge?

image

This is not offline installer, it is 2mb file and when you lunch it, it will connect to internet and download the required setup files.

if you want to download the offline installer, you can refer to this article and find the right version for you https://www.microsoft.com/en-us/edge/business/download

Now how do we install the Stable version of new microsoft edge browser using Microsoft Endpoint manager (CMCB 1910 ) for endpoints in the organization?

MEMCM 1910 has feature to deploy Microsoft Edge, version 77 and later to your users. This will help you download and create the application automatically without doing anything manual.

If you are not running on configuration manager current branch 1910, then you need to download the offline installer and create application manually.This is same process how you do for other applications.

This blog post assumes that you are running on configuration manager 1910. If you are not on 1910, please read this blog post for how to get  current branch 1910.

In the console,click on Software library, click on Microsoft Edge Management and choose create Microsoft Edge application

image

Provide the Name and content location. This is to save the application source files and the name is what appear in applications node .

image

In the channel, choose stable , this is the version released today by Microsoft  and version, choose latest.

image

In the deployment, choose No for now, as we edit the deployment settings and deploy to collection later.

image

Click next on the summary page.

image

Now, based on the internet connectivity, the download of the edge stable version will start and create the application automatically.

You can monitor the download of the updates from %temp% folder with log called: patchdownloader.log

image

Log file location:

image

Monitoring the download process:

image

Once the download is finished, you can see the app in the application node.

image

It has 2 deployment types because it downloaded both x86 and x64 but the priority is x64.

image

The source location has the following content. Powershell script and MSI.

image

If you edit the x64 deployment type, you will see the program command line syntax.

image

we will now modify the syntax with -executionpolicy bypass. This is not mandatory to use however i have seen some of the installation error in the previous builds so i simply edit it with bypass and continue.

Append the syntax after file

for x64:

powershell -executionpolicy bypass -File ".\Install-Edge.ps1" -MSIName "MicrosoftEdgeEnterpriseX64.msi" -ChannelID "{56eb18f8-b008-4cbd-b6d2-8c97fe7e9062}"

You can do the same for x86 as well.

image

update the syntax and click ok.

image

For detection method: we dont do any changes but i have listed this for your information incase you want to create the application manually and you are not in CMCB 1910.

Hive:HKLM

Key:SOFTWARE\Wow6432Node\Microsoft\EdgeUpdate\Clients\{56eb18f8-b008-4cbd-b6d2-8c97fe7e9062}

Value: pv

data type: version

Operator: Greater than or equal to

value:79.0.309.65

image

Now distribute the application to distribution points.

image

Monitor the distribution status  and once it is distributed, you are now ready to deploy to collection. Log file: distmgr.log on your configmgr site.

Deploy to collection:

image 

image

image

image

Once the application is deployed to collection, depend on the machine policy cycle, device will receive the policy, download the content and install the application.

Deployment results:

image

image

You can monitor the installation status using appenforce.log located at C:\windows\ccm\logs.

image

You can see Microsoft Edge in the start menu.

image

Launch the Microsoft Edge

image

If you look at the about page in the edge, you see that, your organization disabled the updates.

This is happening because of the script that is used to install the Edge application.

The script is designed to disable the automatic updates and let configuration manager manages the updates just like other windows and office 365 updates.

image

Now on your configuration manager, you need to enable the Microsoft Edge product in SUP section.

If you are not able to see the product then simply run software update sync , wait for the sync to complete.

Now go back to SUP properties, you will now see the Microsoft Edge, select it and click ok.

image

Right click on All microsoft edge updates and initiate sync.

After a while you will see the updates in the console.

image

image

Once the updates are available in the console, you can patch Edge browser just like any other windows/office365 updates.

The following information is provided to know, what registry key used to enable or disable the automatic updates for Edge.

The registry key for disabling the edge updates is:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate with value 0

image

To enable automatic updates for edge browser, you can change the update value from 0 to 1.

Launch edge and type edge://settings/help to see the status.

image

Before you start deploying the Edge browser in an enterprise, please read through the Microsoft article for edge policies using GPO/Intune. https://docs.microsoft.com/en-us/microsoft-edge/ 

Hope you found this article useful!

15 Responses to "How to deploy Microsoft Edge Chromium stable version using Configuration Manager"

    1. Hi,
      It has been noticed on some of the forums that, the default parameters for the beta and dev channels did not work well and the fix was to add -bypass.
      So i added the bypass syntax for the stable channel as well. I will update the blog post incase you see any errors with the installation, modify the syntax.

      For the updates section, Are you running on current branch 1910 or technical preview? can you post what version are you running to see the edge updates?

      Thanks,
      Eswar

      Reply
      1. Im running 5.0.8913.1000 (1910 stable)
        I activated Edge in Products (see screenshot, its a sub-product of Windows) and ran a sync -> updates appeared

        Reply
        1. Thanks Andres. I cannot see any entries for edge in my console though am running on 1910 as well.
          can you post about configuration manager screenshot for me pls to check further?

          Thanks,
          Eswar

          Reply
            1. Thanks Andres. I got. All your need is sync once, then enable the Edge in SUP properties and sync once again to see the Edge updates.

              Regards,
              Eswar

          1. why do we need detection method as registry key that you mentioned if we are not on 1910, any specific reason?
            Source file downloaded from MS site is MSI, we can use product code as detection method..isnt it?

            Reply
            1. Yes you can msi as detection method and there is nothing wrong about it. The reason I see to use reg key is that, if the edge is lower then that version then install else ignore it and let the patching takes care of the updates.

              Thanks
              Eswar

        1. Hi Marco,
          There are no built-in reports with for edge in current branch 1910 however Microsoft has introduced some reports in technical preview 2001 onwards.
          So i expect the next current branch version should have these reports for edge.

          Thanks,
          Eswar

          Reply
          1. Thanks for the reply. I'll see if you can make a beseline that tells me the edge version. I have to find a key that gives me this information.

            Reply
            1. hi,
              If your request is to simply find the edge installed devices, you can query this from SQL or WQL query collection with application name 'Microsoft Edge%'.
              Following is the SQL Query that can be used to get list of computers with microsoft edge installed.

              select sys.name0,sys.user_name0,arp.DisplayName0,arp.version0 from v_r_system sys
              inner join v_Add_Remove_Programs arp on arp.ResourceID=sys.ResourceID
              where arp.DisplayName0 like 'Microsoft Edge%' and arp.DisplayName0 not like 'Microsoft Edge Update'
              order by sys.Name0

              Thanks,
              Eswar

Leave a Reply