microsoft edge registry settings microsoft edge registry settings

If you enable: If you don't configure this policy, on an unmanaged device the behavior is same as policy 'enabled'. The search bar provides a search box that shows web suggestions and opens all web searches in Microsoft Edge. Disabling this setting is equivalent to leaving it not configured. Applies to: Configuration Manager (current branch). Specify Google's Image Search URL as: '{google:baseURL}searchbyimage/upload'. If a site matches a URL pattern in this policy, the following policies will not be considered: TabCaptureAllowedByOrigins, WindowCaptureAllowedByOrigins, ScreenCaptureAllowedByOrigins, ScreenCaptureAllowed. If you disable this policy, users will not be asked for permission to enable this feature. If you don't configure this policy, multiple automatic downloads can be performed in all sites, and the user can change this setting. If you don't set this policy, all downloads where the file type is in AutoOpenFileTypes will automatically open. For more information about this policy see https://go.microsoft.com/fwlink/?linkid=2141715. See https://go.microsoft.com/fwlink/?linkid=2095041 for a list of variables that can be used. Edge mode pages, Clear history for IE and IE mode every time you exit, Allow Save page as in Internet Explorer mode, Allow sites configured for Internet Explorer mode to open in Microsoft Edge, Show the Reload in Internet Explorer mode button in the toolbar, Display zoom in IE Mode tabs with DPI Scale included like it is in Internet Explorer, Enable site isolation for specific origins, Enable Windows to search local Microsoft Edge browsing data, Always use Microsoft AutoUpdate as the updater for Microsoft Edge, Allow single sign-on for Microsoft personal sites using this profile, Sets managed configuration values for websites to specific origins, Let users snip a Math problem and get the solution with a step-by-step explanation in Microsoft Edge, Maximum number of concurrent connections to the proxy server, Allow Google Cast to connect to Cast devices on all IP addresses, Enable usage and crash-related data reporting (obsolete), Spell checking provided by Microsoft Editor, Synonyms are provided when using Microsoft Editor spell checker, Allow users to access the Microsoft Office menu (deprecated), Determines whether the Microsoft Root Store and built-in certificate verifier will be used to verify server certificates (deprecated), Enable Native Window Occlusion (deprecated), Set a timeout for delay of tab navigation for the Enterprise Mode Site List, Microsoft Edge built-in PDF reader powered by Adobe Acrobat enabled, Configure whether a user always has a default profile automatically signed in with their work or school account, Origin-keyed agent clustering enabled by default, Allow users to access the Outlook menu (obsolete), Control where security restrictions on insecure origins apply, Secure mode and Certificate-based Digital Signature validation in native PDF reader, Allow websites to query for available payment methods, Allow personalization of ads, Microsoft Edge, search, news and other Microsoft services by sending browsing history, favorites and collections, usage and other browsing data to Microsoft, Enable Proactive Authentication (obsolete), Prompt the user to select a certificate when multiple certificates match, Manage QuickView Office files capability in Microsoft Edge, Enable Read Aloud feature in Microsoft Edge, Prevent install of the BHO to redirect incompatible sites from Internet Explorer to Microsoft Edge, Redirect incompatible sites from Internet Explorer to Microsoft Edge, Configure Related Matches in Find on Page, Notify a user that a browser restart is recommended or required for pending updates, Set the time period for update notifications, Specify if online OCSP/CRL checks are required for local trust anchors, Enable resolution of navigation errors using a web service, Restrict which accounts can be used to sign in to Microsoft Edge, Enable using roaming copies for Microsoft Edge profile data, Extend Adobe Flash content setting to all content (obsolete), Allow users to proceed from the HTTPS warning page, Allow users to proceed from the HTTPS warning page for specific origins, Allow Microsoft Edge to block navigations to external protocols in a sandboxed iframe, Enable scrolling to text specified in URL fragments, Websites or domains that don't need permission to use direct Security Key attestation, Send all intranet sites to Internet Explorer, Send site information to improve Microsoft services (obsolete), Allow access to sensors on specific sites, Block access to sensors on specific sites, Control Javascript setTimeout() function minimum timeout (deprecated), Configure ShadowStack crash rollback behavior (obsolete), Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context, Show links shared from Microsoft 365 apps in History, Shows button on native PDF viewer in Microsoft Edge that allows users to sign up for Adobe Acrobat subscription, Show Microsoft Office shortcut in favorites bar (deprecated), Allow feature recommendations and browser assistance notifications from Microsoft Edge, Enable Signed HTTP Exchange (SXG) support, Allow users to configure Site safety services, Block smart actions for a list of services, Enable stricter treatment for mixed content (obsolete), Disable synchronization of data using Microsoft sync services, Configure the list of types that are excluded from synchronization, Enable a TLS 1.3 security feature for local trust anchors (obsolete), Allow freezing of background tabs (obsolete), Do not set window.opener for links targeting _blank (obsolete), Enable ending processes in the Browser task manager, Set limit on megabytes of memory a single Microsoft Edge instance can use, Block tracking of users' web-browsing activity, Enable 3DES cipher suites in TLS (obsolete), Allow using the deprecated U2F Security Key API (obsolete), JavaScript setTimeout will not be clamped until a higher nesting threshold is set (deprecated), Specifies how Microsoft Edge Update handles available updates from Microsoft Edge, Enable the User-Agent Client Hints feature (obsolete), Control the User-Agent Client Hints GREASE Update feature, Enable or disable the User-Agent Reduction, Limits the number of user data snapshots retained for use in case of emergency rollback, Configures availability of a vertical layout for tabs on the side of the browser, Sites that can access video capture devices without requesting permission, Configure list of force-installed Web Apps, Enable web capture feature in Microsoft Edge, Re-enable Web Components v0 API until M84 (obsolete), Allow WebDriver to Override Incompatible Policies (obsolete), Allow legacy TLS/DTLS downgrade in WebRTC (deprecated), Manage exposure of local IP addressess by WebRTC, Restrict exposure of local IP address by WebRTC, Enable support for Windows OS routing table rules when making peer to peer connections via WebRTC, Restrict the range of local UDP ports used by WebRTC, Force WebSQL in third-party contexts to be re-enabled (obsolete), Force WebSQL in non-secure contexts to be enabled (obsolete), Dynamic Policy Refresh: No - Requires browser restart, GP unique name: ApplicationGuardContainerProxy, GP name: Application Guard Container Proxy, GP path (Mandatory): Administrative Templates/Microsoft Edge/Application Guard settings, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge, Value Name: ApplicationGuardContainerProxy, GP unique name: ApplicationGuardFavoritesSyncEnabled, GP name: Application Guard Favorites Sync Enabled, Value Name: ApplicationGuardFavoritesSyncEnabled, GP unique name: ApplicationGuardPassiveModeEnabled, GP name: Ignore Application Guard site list configuration and browse Edge normally, Value Name: ApplicationGuardPassiveModeEnabled, GP unique name: ApplicationGuardTrafficIdentificationEnabled, GP name: Application Guard Traffic Identification, Value Name: ApplicationGuardTrafficIdentificationEnabled, GP unique name: ApplicationGuardUploadBlockingEnabled, GP name: Prevents files from being uploaded while in Application Guard, Value Name: ApplicationGuardUploadBlockingEnabled, GP path (Mandatory): Administrative Templates/Microsoft Edge/Cast, GP name: Show the cast icon in the toolbar, Preference Key Name: ShowCastIconInToolbar, GP unique name: AutoSelectCertificateForUrls, GP name: Automatically select client certificates for these sites, GP path (Mandatory): Administrative Templates/Microsoft Edge/Content settings, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls, Preference Key Name: AutoSelectCertificateForUrls, GP unique name: AutomaticDownloadsAllowedForUrls, GP name: Allow multiple automatic downloads in quick succession on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\AutomaticDownloadsAllowedForUrls, Preference Key Name: AutomaticDownloadsAllowedForUrls, GP unique name: AutomaticDownloadsBlockedForUrls, GP name: Block multiple automatic downloads in quick succession on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\AutomaticDownloadsBlockedForUrls, Preference Key Name: AutomaticDownloadsBlockedForUrls, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\CookiesAllowedForUrls, Preference Key Name: CookiesAllowedForUrls, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\CookiesBlockedForUrls, Preference Key Name: CookiesBlockedForUrls, GP unique name: CookiesSessionOnlyForUrls, GP name: Limit cookies from specific websites to the current session, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\CookiesSessionOnlyForUrls, Preference Key Name: CookiesSessionOnlyForUrls, GP unique name: DefaultAutomaticDownloadsSetting, GP name: Default automatic downloads setting, Value Name: DefaultAutomaticDownloadsSetting, Preference Key Name: DefaultAutomaticDownloadsSetting, Preference Key Name: DefaultCookiesSetting, GP unique name: DefaultFileSystemReadGuardSetting, GP name: Control use of the File System API for reading, Value Name: DefaultFileSystemReadGuardSetting, Preference Key Name: DefaultFileSystemReadGuardSetting, GP unique name: DefaultFileSystemWriteGuardSetting, GP name: Control use of the File System API for writing, Value Name: DefaultFileSystemWriteGuardSetting, Preference Key Name: DefaultFileSystemWriteGuardSetting, GP unique name: DefaultGeolocationSetting, Preference Key Name: DefaultGeolocationSetting, Preference Key Name: DefaultImagesSetting, GP unique name: DefaultInsecureContentSetting, GP name: Control use of insecure content exceptions, Value Name: DefaultInsecureContentSetting, Preference Key Name: DefaultInsecureContentSetting, GP unique name: DefaultJavaScriptJitSetting, Preference Key Name: DefaultJavaScriptJitSetting, Preference Key Name: DefaultJavaScriptSetting, GP unique name: DefaultNotificationsSetting, Preference Key Name: DefaultNotificationsSetting, GP name: Default Adobe Flash setting (obsolete), Preference Key Name: DefaultPluginsSetting, Preference Key Name: DefaultPopupsSetting, GP unique name: DefaultWebBluetoothGuardSetting, GP name: Control use of the Web Bluetooth API, Value Name: DefaultWebBluetoothGuardSetting, Preference Key Name: DefaultWebBluetoothGuardSetting, GP unique name: DefaultWebHidGuardSetting, Preference Key Name: DefaultWebHidGuardSetting, GP unique name: DefaultWebUsbGuardSetting, Preference Key Name: DefaultWebUsbGuardSetting, GP name: Allow read access via the File System API on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\FileSystemReadAskForUrls, Preference Key Name: FileSystemReadAskForUrls, GP unique name: FileSystemReadBlockedForUrls, GP name: Block read access via the File System API on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\FileSystemReadBlockedForUrls, Preference Key Name: FileSystemReadBlockedForUrls, GP unique name: FileSystemWriteAskForUrls, GP name: Allow write access to files and directories on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\FileSystemWriteAskForUrls, Preference Key Name: FileSystemWriteAskForUrls, GP unique name: FileSystemWriteBlockedForUrls, GP name: Block write access to files and directories on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\FileSystemWriteBlockedForUrls, Preference Key Name: FileSystemWriteBlockedForUrls, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\ImagesAllowedForUrls, Preference Key Name: ImagesAllowedForUrls, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\ImagesBlockedForUrls, Preference Key Name: ImagesBlockedForUrls, GP unique name: InsecureContentAllowedForUrls, GP name: Allow insecure content on specified sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\InsecureContentAllowedForUrls, Preference Key Name: InsecureContentAllowedForUrls, GP unique name: InsecureContentBlockedForUrls, GP name: Block insecure content on specified sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\InsecureContentBlockedForUrls, Preference Key Name: InsecureContentBlockedForUrls, GP name: Allow intranet zone file URL links from Microsoft Edge to open in Windows File Explorer, GP name: Allow JavaScript on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\JavaScriptAllowedForUrls, Preference Key Name: JavaScriptAllowedForUrls, GP name: Block JavaScript on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\JavaScriptBlockedForUrls, Preference Key Name: JavaScriptBlockedForUrls, GP unique name: JavaScriptJitAllowedForSites, GP name: Allow JavaScript to use JIT on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\JavaScriptJitAllowedForSites, Preference Key Name: JavaScriptJitAllowedForSites, GP unique name: JavaScriptJitBlockedForSites, GP name: Block JavaScript from using JIT on these sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\JavaScriptJitBlockedForSites, Preference Key Name: JavaScriptJitBlockedForSites, GP unique name: LegacySameSiteCookieBehaviorEnabled, GP name: Enable default legacy SameSite cookie behavior setting (obsolete), Value Name: LegacySameSiteCookieBehaviorEnabled, Preference Key Name: LegacySameSiteCookieBehaviorEnabled, GP unique name: LegacySameSiteCookieBehaviorEnabledForDomainList, GP name: Revert to legacy SameSite behavior for cookies on specified sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\LegacySameSiteCookieBehaviorEnabledForDomainList, Preference Key Name: LegacySameSiteCookieBehaviorEnabledForDomainList, GP unique name: NotificationsAllowedForUrls, GP name: Allow notifications on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\NotificationsAllowedForUrls, Preference Key Name: NotificationsAllowedForUrls, GP unique name: NotificationsBlockedForUrls, GP name: Block notifications on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\NotificationsBlockedForUrls, Preference Key Name: NotificationsBlockedForUrls, GP name: Allow the Adobe Flash plug-in on specific sites (obsolete), Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\PluginsAllowedForUrls, Preference Key Name: PluginsAllowedForUrls, GP name: Block the Adobe Flash plug-in on specific sites (obsolete), Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\PluginsBlockedForUrls, Preference Key Name: PluginsBlockedForUrls, GP name: Allow pop-up windows on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\PopupsAllowedForUrls, Preference Key Name: PopupsAllowedForUrls, GP name: Block pop-up windows on specific sites, Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\PopupsBlockedForUrls, Preference Key Name: PopupsBlockedForUrls, Set the protocol property to the scheme (for example, "mailto"). For example, the --disable-gpu-sandbox flag generates this warning: You're using an unsupported command-line flag: --disable-gpu-sandbox. If you disable this policy, linked accounts will be turned off and no extra information will be shown. Each item in the devices field must have a vendor_id and may have a product_id field. If this is the desired behavior, use the ManagedSearchEngines policy. Enables efficiency mode which helps extend battery life by saving computer resources. WebSQL is on by default as of Microsoft Edge version 101, but can be disabled via a Microsoft Edge flag. browser settings for the User-Agent string major version. If you don't turn on Sync, there is a risk of permanent browsing data loss. This policy does not affect the proxy configuration of Microsoft Edge outside of Application Guard (on the host). disabled. I don't find such a registry or policy to control Sign in automatically. Alternatively, you can press ALT+F keys together to show Edge Menu and then press S key to open Settings page. The local IP address is concealed with an mDNS hostname. If you don't configure this policy, DefaultAutomaticDownloadsSetting applies for all sites, if it's set. Note: For Windows instances not joined to a Microsoft Active Directory domain and macOS instances not managed via MDM or joined to a domain via MCX, forced installation is limited to apps and extensions listed in the Microsoft Edge Add-ons website. If you enable this policy, the Downloads button is pinned to the toolbar. If you disable this policy or don't configure it, only the regular local profiles are used. Lets screen reader users get descriptions of unlabeled images on the web. The current set of Microsoft Edge Policies are here: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies, [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]. Note that pattern matches are case sensitive. If you enable this policy, SafeSearch in Google Search is always active. Leaving the policy unset means DefaultClipboardSetting applies for all sites if it's set. If you've also set the EnableMediaRouter policy to false, then this policy is ignored, and the toolbar icon isn't shown. Margins specifies if the page margin should be kept sticky or not in print preview settings. Hi YuZhou and thank you for the reply. If you don't set this policy, the global default value will be used. This should increase printing speed for some PostScript printers. What were the poems other than those by Donne in the Melford Hall manuscript? However a user can override this setting. Enabled (2) = Enable code integrity guard enforcement in the browser process. Specifies whether the AutoLaunch Protocols component should be enabled. I am getting the same Edge start page as AlexandrosTrommelen-7746, WebChange "Open Microsoft Edge With" option to "A specific page or pages". It is currently supported but will become obsolete in a future release. By default, this timeout is 7,200 seconds (2 hours). Allow users to open files using the ClickOnce protocol. If you don't set this policy, that means DefaultWebHidGuardSetting applies, if it's set. If you disable or don't configure this policy, users can't select the "Save page as" option in "More tools". If you disable this policy, users can't access the Outlook menu. If you enable or don't configure this policy, users can receive related matches in Find on Page on all sites. ProxyDisabled (direct) = Never use a proxy, ProxyAutoDetect (auto_detect) = Auto detect proxy settings, ProxyPacScript (pac_script) = Use a .pac proxy script, ProxyFixedServers (fixed_servers) = Use fixed proxy servers, ProxyUseSystem (system) = Use system proxy settings. If you disable or don't configure this policy, Microsoft Edge will not always wait for Internet Explorer mode tabs to fully unload before ending the browser session. Controls whether WebRTC will respect the Windows OS routing table rules when making peer to peer connections, thus enabling split tunnel VPNs. InternetExplorerIntegrationLevel is set to 'IEMode' Controls the duration (in seconds) that keepalive requests are allowed to prevent the browser from completing its shutdown. Microsoft Edge: where to manually set registry settings for policy testing? When a user re-opens a saved page, it will be loaded in the default browser. Instead, the file will be saved to the file system. Any language that you specify that isn't recognized is ignored. Disable this policy to stop users from adding, removing, or modifying favorites. If the policy is set and a user changes the default browser from Microsoft Edge the next time they open Microsoft Edge, they will be prompted to set it as the default. Note that https://localhost/ is specifically blocked as an exception of allowed intranet zone host, while loopback addresses (127.0.0. If you disable or don't configure this policy, the default link for the Help menu or the F1 key is used. If you disable this policy, features won't be able to download assets needed for them to run correctly. Set this policy to 'AlwaysActive' and efficiency mode will always be active. If you selected any other mode for configuring proxy policies, don't enable or configure this policy. Asking for help, clarification, or responding to other answers. If you choose the 'pac_script' value as 'ProxyMode', the 'ProxyPacUrl' field is used. These tables lists all of the update-related group policies available in this release of Microsoft Edge. If you set the timeout in this policy to a value greater than the default of 2 seconds, an information bar is shown to the user after 2 seconds. OBSOLETE: This policy is obsolete and doesn't work after Microsoft Edge 96. Separate multiple server names with commas. Set to 'Strict' to enforce Strict Restricted Mode on YouTube. encounter issues with version strings that include three digits in the WebGP path (Mandatory): Administrative Templates/Microsoft Edge/Content settings; GP path (Recommended): N/A; GP ADMX file name: MSEdge.admx; Windows Registry If you disable this policy or don't configure it, browsing history is saved. Disable this policy to not send the data to Microsoft. If you enable this policy, all browsing data is deleted each time Microsoft Edge closes. The policy creates a list of favorites. Open Microsoft Edge. If you disable this policy, users can't see internal results in the Microsoft Edge address bar suggestion list. and one of either the This setting allows file URL links to intranet zone files from intranet zone HTTPS websites to open Windows File Explorer for that file or directory. DefaultDownloadSecurity (0) = No special restrictions, BlockDangerousDownloads (1) = Block malicious downloads and dangerous file types, BlockPotentiallyDangerousDownloads (2) = Block potentially dangerous or unwanted downloads and dangerous file types, BlockAllDownloads (3) = Block all downloads, BlockMaliciousDownloads (4) = Block malicious downloads. If the address bar default search engine is not Bing, users are offered an additional choice (use "Address bar") when searching on new tabs. Users can't override this policy. If you set this policy to 'ShareDisallowed', users won't be able to access the Share experience. This policy lets you manage whether users can use the Math Solver tool in Microsoft Edge or not. This experience includes richer rendering, improved performance, strong security for PDF handling, and greater accessibility. AllowImages (1) = Allow all sites to show all images, BlockImages (2) = Don't allow any site to show images. If you disable or don't configure this policy, Microsoft Edge will not default to setting the Print as image option in the Print Preview when printing a PDF. Controls if Microsoft Edge makes the Print as image option the default when printing PDFs. You can allow images on all sites ('AllowImages') or block them on all sites ('BlockImages'). Starting in Microsoft Edge 100, setting this policy as a recommended policy will also allow users to manually add new search engines from their Microsoft Edge settings. This policy lets you specify allowed origins for legacy applications that can't deploy TLS or set up a staging server for internal web development so that developers can test out features requiring secure contexts without having to deploy TLS on the staging server. Disables saving browser history and prevents users from changing this setting. If this policy is left not set, search suggestions are enabled but the user can change that. This policy controls the visibility of the 'Open link in new Internet Explorer mode tab' option on the context menu for file:// links. Integrated authentication is only enabled when Microsoft Edge receives an authentication challenge from a proxy or from a server in this list.