In cloud app security we’ve noticed that not all devices that use Chrome report their compliance state, even though they are enrolled into Intune and are compliant.
For Chrome to report its compliance state on Windows, the following extension needs to be installed.
https://chrome.google.com/webstore/detail/windows-10-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji?hl=en
However as the devices are enrolled into Intune it is possible to install the extension remotely (and push other chrome configuration) via the use of OMA-URI.
We are also pushing the following two extensions:
- Windows Defender: https://chrome.google.com/webstore/detail/windows-defender-browser/bkbeeeffjjeopflfhgeknacdieedcoml
- My Apps: https://chrome.google.com/webstore/detail/my-apps-secure-sign-in-ex/ggjhpefgjjfobnfoldnjipclpcfbgbhl
The steps on pushing remote configuration is well documented by Google here: Manage Chrome browser with Microsoft’s Intune Import Administrative templates - Chrome Enterprise and Education Help
Common configuration (including extensions) is available here: Common Chrome Browser policies for Microsoft Intune - Google Sheets
If you run into issues the following article describes the troubleshooting steps: Troubleshooting ADMX Ingestion – Modern Workplace Management