TABLE OF CONTENTS
Deploy Chrome Enterprise Using Intune
Configure LibKey Nomad for Deployment
Create LibKey Nomad Intune Remediation
Deploy Intune Changes
Deploy Chrome Enterprise Using Intune
(Note: This will deploy the latest version of Chrome Enterprise at the time of installation but will update on its own or at the interval you set moving forward)
Part 2: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com
- On the left side of the screen, click on "Apps"
- Click on "All Apps"
- Click on "Add" to add a new app
- Select the App Type: "Line-of-business app" under the "Other" category
- Confirm your selection
- Click "Select app package file"
- Click on "Select a file"
- Go to where you downloaded the Chrome installer and double-click on it
- Confirm your selection
- Make sure the Name, Description, and Publisher are filled out; for Publisher you can just put: Google
- Leave all of the remaining default settings alone
- If you want, you can set a logo for the app - This is recommended and can be downloaded from Google Images
- Click to continue to the next step
- Choose "Add Group" under the required groups
- Search for the group(s) to whom this will be deployed
- Confirm your selection
- Click to continue to the next step
- Review the Intune settings (groups, etc) and make any changes if needed for your organization
- Create the app
The app will now go through the creation process and will upload the installer package to your Microsoft Intune Admin Center so that it can be deployed to machines.
Configure LibKey Nomad for Deployment
Part 1: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com
- On the left side of the screen click on "Devices"
- Under "Manage Devices" click on "Configuration"
- Create a new policy
- Click on "New Policy"
- Under "Select Platform" click on "Windows 10 and later"
- Under "Profile Type" click on "Templates"
- Under "Template Name" click on "Administrative Templates"
- Confirm your selection
- Under "Name" type: LibKey Nomad Policy Setting
- Under "Description" type: LibKey Nomad Extension Setting - Configure the list of force-installed apps and extensions
- Click to continue to the next step
- Under "Computer Configuration" click on "Google"
- Click on "Google Chrome". (Note: DO NOT click on "Google Chrome - Default Settings")
- Click on "Extensions"
- Click on "Configure the list of force-installed apps and extensions"
- Click on "Enabled"
- In the blank box copy and paste the following: lkoeejijapdihgbegpljiehpnlkadljb;https://clients2.google.com/service/update2/crx
- Confirm your selection
- Click to continue to the next step
- Click to continue to the next step
- Under "Included Groups" click "Add Groups"
- Search for the group(s) to whom this will be deployed
- Confirm your selection
- Click to continue to the next step
- Review the Intune settings (groups, etc) and make any changes if needed for your organization
- Create the policy
Create LibKey Nomad Intune Remediation
Part 1: Create & Edit the Powershell scripts to apply to your organization
- Open a new Powershell window and copy/paste the following script: (Note: You can use something like Powershell ISE or Visual Studio Code to create Powershell files)
<# .DESCRIPTION Below Powershell script will Check the existence of Nomad registry Key. Author: Kris Carlson Site: thirdiron.com Version: 1.0.0 #> <# NO EDITS NEEDED IN THIS SCRIPT #> $regPath = "HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb\policy" $value = Test-Path $regPath if($value){ Write-host "Reg Key already Exists. No Action Required" Exit 0 } Else{ Write-host "Reg Key does not exist" Exit 1 }
2. Save the script as "Detect_reg_key.ps1"
3. Open a new Powershell window and copy/paste the following script:
<# .DESCRIPTION Below Powershell script will Check the existence of Nomad registry Key. If it does not exist, It will create it and Also creates one registry entry under this key which is String Value. Author: Kris Carlson Site: thirdiron.com Version: 1.0.0 #> $regPath = "HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb\policy" $value = Test-Path $regPath <# ONLY EDIT THE FOLLOWING TWO VARIABLES #> $libraryId = "INSERT-LIBRARY-ID-HERE" $buttonPlacement = "bottomLeft" <# bottomLeft and bottomRight are the only buttonPlacement options available #> <# DO NOT EDIT BELOW THIS LINE #> $value if(!$value){ if($libraryId -match "^\d+$"){ try{ Write-Host "Creating Reg Key" New-Item -Path HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb -Name policy -Force | Out-Null New-ItemProperty -Path $regPath -Name 'libraryId' -Value $libraryId -PropertyType String | Out-Null #Next line lets you optionally set the Nomad Button Placement New-ItemProperty -Path $regPath -Name 'buttonPlacement' -Value $buttonPlacement -PropertyType String | Out-Null Exit 0 } Catch { Write-Host "Error Creating Reg Key" Write-error $_ Exit 1 } } else{Write-Host "Invalid Libary ID Entered"} } Else{ Write-host "Reg Key already Exists. No Action Required" Exit 0 }
4. Change the value for $libraryId from "INSERT-LIBRARY-ID-HERE to your Library ID (For Example: 1234) - (Note: This should be a numerical value only)
How to locate your Third Iron Library ID
Via BrowZine: Log in to BrowZine. Your Third Iron ID is the number in your library's BrowZine URL:
https://browzine.com/libraries/###
Via LibKey.io: Log in to LibKey.io. Your Third Iron ID is the number in your library's LibKey URL:
https://libkey.io/libraries/###
5. You may optionally change the value of $buttonPlacement from the default of "bottomLeft" to "bottomRight" if you would like to change the position of the LibKey Nomad Button whenever it appears on screen - (Note: This value is case sensitive)
6. Save the script as "Remediate_reg_key.ps1"
Part 2: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com
- On the left side of the screen click on "Devices"
- Under "Manage Devices" click on "Scripts and Remediations"
- Click to create a remediation
- Under "Name" type: LibKey Nomad Registry Settings
- Under "Description" type: LibKey Nomad Registry Settings - Configure the Library ID and Button Placement
- Click to continue to the next step
- For "Detection Script File" click on Select a file"
- Locate the "Detect_reg_key.ps1" file that you created and double-click on it
- For "Remediation Script File" click on "Select a file"
- Locate the "Remediate_reg_key.ps1" file that you created and double-click on it
- Click to continue to the next step
- Click to continue to the next step
- Under "Included Groups" click "Select groups to include"
- Search for the group(s) to whom this will be deployed
- Click to confirm the selection
- Click to continue to the next step
- Review the Intune settings (groups, etc) and make any changes if needed for your organization
- Create the remediation
Deploy Intune Changes
At this point, you will be able to force a sync of all devices in the groups you selected for deployment or simply wait for your next sync time which is usually anywhere from once per hour to once per day depending on how you've set up your Intune Device Check-In Settings.