In cloud app security we’ve noticed that not all devices that use Chrome report their compliance state, even though they are enrolled into Intune and are compliant.
For Chrome to report its compliance state on Windows, the following extension needs to be installed.
However as the devices are enrolled into Intune it is possible to install the extension remotely (and push other chrome configuration) via the use of OMA-URI.
We are also pushing the following two extensions:
- Windows Defender: https://chrome.google.com/webstore/detail/windows-defender-browser/bkbeeeffjjeopflfhgeknacdieedcoml
- My Apps: https://chrome.google.com/webstore/detail/my-apps-secure-sign-in-ex/ggjhpefgjjfobnfoldnjipclpcfbgbhl
The steps on pushing remote configuration is well documented by Google here: https://support.google.com/chrome/a/answer/9102677?hl=en
Common configuration (including extensions) is available here: https://docs.google.com/spreadsheets/d/1d62txalah9kyEoJPK5hDS2Lo6cwHX7oPVQrm8ROfNHg/edit#gid=0
If you run into issues the following article describes the troubleshooting steps: http://carlbarrett.uk/admx-ingestion-and-troubleshooting