windows-itpro-docs/browsers/edge/available-policies.md

Description, ms.assetid, ms.prod, ms.mktglfcycl, ms.sitesec, title

Description	ms.assetid	ms.prod	ms.mktglfcycl	ms.sitesec	title
Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings.	2E849894-255D-4F68-AE88-C2E4E31FA165	edge	explore	library	Available policies for Microsoft Edge

Available policies for Microsoft Edge

Last updated

• January 7, 2015

Applies to:

• Windows 10
• Windows 10 Mobile

Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPO's) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences.

By using Group Policy and Intune, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.

**Note**
For more info about Group Policy, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy. For more info about the tools you can use to change your Group Policy objects, see the Internet Explorer 11 topics, [Group Policy and the Group Policy Management Console (GPMC)](http://go.microsoft.com/fwlink/?LinkId=617921), [Group Policy and the Local Group Policy Editor](http://go.microsoft.com/fwlink/?LinkId=617922), [Group Policy and the Advanced Group Policy Management (AGPM)](http://go.microsoft.com/fwlink/?LinkId=617923), and [Group Policy and Windows Powershell](http://go.microsoft.com/fwlink/?LinkId=617924).

 

Group Policy settings

Microsoft Edge works with these Group Policy settings (Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\) to help you manage your company's web browser configurations:

Policy name	Description	Options
Allow employees to send Do Not Track headers	Whether employees can send Do Not Track headers to websites that request tracking info.	Enable: Employees can send Do Not Track headers to websites requesting tracking info. Disable or not configured (default): Stops employees from sending Do Not Track headers to websites requesting tracking info.
Turn off web content in new tab page	Decide what Microsoft Edge shows when opening a new tab.	Enable or not configured (default): Employees can see the new tab page with Top Sites, Top Sites with suggested content, or a blank page. Disable: Employees see an empty tab and are unable to change the Open new tabs with setting.
Configure cookies	Decide how your company deals with cookies.	Enable or not configured (default): Lets you decide how your company treats cookies. If you use this option, you must also choose whether to Allow all cookies (default). Allows all cookies from all websites Block all cookies. Blocks all cookies from all websites. Block only 3rd-party cookies. Blocks only cookies from 3rd-party websites. Disable: Allows all cookies from all websites.
Configure corporate Home pages	Choose which corporate Home pages should appear for domain-joined devices.	Enable: Configure corporate Home pages for domain-joined devices. If you use this option, you must also include site URLs. Example <support.contoso.com><support.fabrikam.com> Note You must use this format and the angle brackets if you have multiple pages. Disable or not configured (default): Uses the corporate Home pages and URLs specified in the App settings.
Configure the Enterprise Mode Site List	Whether your company uses Enterprise Mode and the Enterprise Mode Site List to address common compatibility problems with legacy apps.	Enable: Lets you use the Enterprise Mode Site List to address common compatibility problems with legacy apps, if it’s configured. If you use this option, you must also add the location to your site list in the {URI} box. When configured, any site on the list will always open in IE11. Disable or not configured: You won't be able to use the Enterprise Mode Site List.
Configure Favorites	Decide what sites appear on the default Favorites list.	Enable: Configure the default list of Favorite sites for your employees. If you use this option, you must also add the actual names and URLs for the sites. Disable or not configured (default): Uses the Favorites list names and URLs specified in the Favorites hub.
Don’t allow SmartScreen Filter warning overrides	Whether employees can override the SmartScreen Filter warnings about potentially malicious websites.	Enable: Stops employees from ignoring the SmartScreen Filter warnings and blocks them from visiting the site. Disable or not configured (default): Lets employees ignore the SmartScreen Filter warnings about potentially malicious sites and continue to the site. Note You can also turn on the SmartScreen Filter, using the Turn off the SmartScreen Filter setting and stop employees from ignoring the SmartScreen Filter warnings about unverified file downloads, using the Don’t allow SmartScreen Filter warning overrides for unverified files setting.
Don’t allow SmartScreen Filter warning overrides for unverified files	Whether employees can override the SmartScreen Filter warnings about downloading unverified files.	Enable: Stops employees from ignoring the SmartScreen Filter warnings and stops them from downloading unverified files. Disable or not configured (default): Lets employees ignore the SmartScreen Filter warnings about unverified files and lets them continue the download process. Note You can also turn on the SmartScreen Filter, using the Turn off the SmartScreen Filter setting and stop employees from ignoring the SmartScreen Filter warnings about potentially dangerous websites, using the Don’t allow SmartScreen Filter warning overrides setting.
Don't allow WebRTC to share the LocalHost IP address	Whether an employee’s LocalHost IP address shows while using the WebRTC protocol	Enable: Hides the LocalHost IP address while using the WebRTC protocol. Disable or not configured (default): Shows the LocalHost IP address while using the WebRTC protocol.
Send all intranet sites to IE11	Whether your intranet sites should all open using IE11. Important: This setting should only be used if there are known compatibility problems with Microsoft Edge.	Enable: Automatically opens all intranet sites using IE11. Disable or not configured (default): Automatically opens all intranet sites using Microsoft Edge.
Turn off Address bar search suggestions	Whether search suggestions should appear in the Address bar of Microsoft Edge.	Enable or not configured (default): Employees can see search suggestions in the Address bar of Microsoft Edge. Disable: Employees can’t see search suggestions in the Address bar of Microsoft Edge.
Turn off Autofill	Whether employees can use Autofill to automatically fill in form fields while using Microsoft Edge.	Enable or not configured (default): Employees can use Autofill to complete form fields. Disable: Employees can’t use Autofill to complete form fields.
Turn off Developer Tools	Whether the F12 Developer Tools are available on Microsoft Edge.	Enable or not configured (default): Shows the F12 Developer Tools on Microsoft Edge. Disable: Hides the F12 Developer Tools on Microsoft Edge.
Turn off InPrivate browsing	Whether employees can browse using InPrivate website browsing.	Enable or not configured (default): Lets employees use InPrivate browsing while on the corporate network. Disable: Stops employees from using inPrivate browsing on the corporate network.
Turn off Password Manager	Whether employees can save their passwords locally, using Password Manager.	Enable or not configured (default): Employees can use Password Manager to save passwords locally. Disable: Employees can't use Password Manager to save passwords locally.
Turn off Pop-up Blocker	Whether to turn on Pop-up Blocker and allow pop-ups to appear in secondary windows.	Enable or not configured (default): Turns on Pop-up Blocker, stopping pop-up windows. Disable: Turns off Pop-up Blocker, allowing pop-up windows.
Turn off the SmartScreen Filter	Whether to turn on SmartScreen Filter to help protect your employees from potential phishing scams and malicious software.	Enable or not configured (default): Turns on SmartScreen Filter, providing warning messages to your employees about potential phishing scams and malicious software. Disable: Turns off SmartScreen Filter. Note You can also stop employees from ignoring the SmartScreen Filter warnings about potentially dangerous websites, using the Don’t allow SmartScreen Filter warning overrides setting and stop employees from ignoring the SmartScreen Filter warnings about unverified file downloads, using the Don’t allow SmartScreen Filter warning overrides for unverified files setting.

 

Using Microsoft Intune to manage your Mobile Data Management (MDM) settings for Microsoft Edge

If you manage your policies using Intune, you'll want to use these MDM policy settings. You can see the full list of available policies, on the Policy CSP page.

**Note**
The **Supports** column uses these options:

• Desktop. Supports Windows 10 Pro and Windows 10 Enterprise computers that are enrolled with Intune only.

• Mobile. Supports Windows 10 Mobile devices only.

• Both. Supports both desktop and mobile devices.

All devices must be enrolled with Intune if you want to use the Windows Custom URI Policy.

Policy name	Supports	Details
AllowAutofill	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowAutofill Data type. Integer Allowed values: 0. Employees can’t use Autofill to complete form fields. 1 (default). Employees can use Autofill to complete form fields.
AllowBrowser	Mobile	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowBrowser Data type. Integer Allowed values: 0. Employees can’t use Microsoft Edge. 1 (default). Employees can use Microsoft Edge.
AllowCookies	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowCookies Data type. Integer Allowed values: 0. Block all cookies from all sites. 1. Block only 3rd party cookies. 2 (default). Don't block. Allow all cookies from all sites.
AllowDeveloperTools	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowDeveloperTools Data type. Integer Allowed values: 0. Employees can't use the F12 Developer Tools on Microsoft Edge. 1 (default). Employees can use the F12 Developer Tools on Microsoft Edge.
AllowDoNotTrack	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowDoNotTrack Data type. Integer Allowed values: 0 (default). Stops employees from sending Do Not Track headers to websites requesting tracking info. 1. Employees can send Do Not Track headers to websites requesting tracking info.
AllowPasswordManager	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowPasswordManager Data type. Integer Allowed values: 0. Employees can use Password Manager to save passwords locally. 1 (default). Employees can't use Password Manager to save passwords locally.
AllowPopups	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowPopups Data type. Integer Allowed values: 0 (default). Turns off Pop-up Blocker, stopping pop-up windows 1. Turns on Pop-up Blocker, allowing pop-up windows.
AllowSearchSuggestionsinAddressBar	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowSearchSuggestionsinAddressBar Data type. Integer Allowed values: 0. Employees can see search suggestions in the Address bar of Microsoft Edge. 1 (default). Employees can’t see search suggestions in the Address bar of Microsoft Edge.
AllowSmartScreen	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen Data type. Integer Allowed values: 0. Turns on SmartScreen Filter, providing warning messages to your employees about potential phishing scams and malicious software. 1 (default). Turns off SmartScreen Filter.
EnterpriseModeSiteList	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/EnterpriseModeSiteList Data type. Integer Allowed values: Not configured (default). 1. Use Enterprise Mode site list, if configured. 2. Specify the location to the site list.
Favorites	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/Favorites Data type. String Allowed values: URLs to favorite webpages. Example: <contoso.com> <fabrikam.com> Note URLs must be on separate lines.
FirstRunURL	Mobile	URI full path. ./Vendor/MSFT/Policy/Config/Browser/FirstRunURL Data type. String Allowed values: URL to first run webpage. Example: <contoso.com>
HomePages	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/HomePages Data type. String Allowed values: URLs to home pages. Example: <contoso.com/support><fabrikam.com/support>
PreventSmartScreenPromptOverride	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverride Data type. Integer Allowed values: 0 (default). Employees can ignore SmartScreen warnings. 1. Employees can't override SmartScreen warnings.
PreventSmartScreenPromptOverrideForFiles	Both	URI full path. ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles Data type. Integer Allowed values: 0 (default). Employees can ignore SmartScreen warnings for files. 1. Employees can't override SmartScreen warnings for files.
PreventUsingLocalHostIPAddressforWebRTC	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Browser/PreventUsingLocalHostIPAddressForWebRTC Data type. Integer Allowed values: 0 (default). Shows an employee's LocalHost IP address while using the WebRTC protocol. 1. Hides an employee's LocalHost IP address while using the WebRTC protocol.

Microsoft Edge and Windows 10-specific Group Policy and MDM settings

These are additional Windows 10-specific settings that work with Microsoft Edge.

Group Policy setting	Description	Options
Computer Configuration\Administrative Templates\Windows Components\Search\Allow Cortana	Whether employees can use Cortana.	Enable or not configured: Employees can use Cortana on their devices. Disable: Stops employees from using Cortana on their devices. Note Employees can still perform searches even with Cortana turned off.
Computer Configuration\Administrative Templates\Windows Components\sync your settings\Do not sync	Whether employees can use the Sync your Settings options to sync their settings to and from their device.	Enable: Turns off the Sync your Settings options and none of the Sync your Setting groups are synced on the device. You can use the Allow users to turn syncing on option to turn the feature off by default, but to let the employee change this setting. Disable or not configured (default): Turns on the Sync your Settings area by default, letting employees pick what can sync on their device.
Computer Configuration\Administrative Templates\Windows Components\sync your settings\Do not sync browser settings	Whether a browser group can use the Sync your Settings options to sync their info to and from their device. This includes settings and info like History and Favorites.	Enable: Turns off the Sync your Settings options so that browser groups are unable to sync their settings and info. You can use the Allow users to turn browser syncing on option to turn the feature off by default, but to let the employee change this setting. Disable or not configured (default): Turns on the Sync your Settings area by default, letting browser groups pick what can sync on their device.

Additional Windows 10-specific MDM policy settings

These are additional Windows 10-specific MDM policy settings that work with Microsoft Edge.

MDM Policy name	Supports	Details
AllowCortana	Both	URI full path. ./Vendor/MSFT/Policy/Config/Experience/AllowCortana Data type. Integer Allowed values: 0. Employees can’t use Cortana on their devices. 1 (default). Employees can use Cortana on their devices.
AllowSyncMySettings	Desktop	URI full path. ./Vendor/MSFT/Policy/Config/Experience/AllowSyncMySettings Data type. Integer Allowed values: 0. Employees can’t sync settings between PCs. 1 (default). Employees can sync between PCs.

Related topics

• Group Policy TechCenter
• Mobile Data Management (MDM) settings