If you think you have or know you have a Security Incident please fill in the form and our experienced Onevinn CSIRT team will reach out shortly.
The team has long experience in supporting customers in Incident Response and Compromised Recovery.
Keep calm and we will be with you shortly!
MS Edge v85 roaming profile + UE-V
One of the new features in MS Edge v85 is support for roaming profile settings to a local file, profile.pb. This is great news for many organizations that cannot synchronize the user settings to Azure AD account due to for example laws, compliance or lack of Azure AD Premium. More information about the new feature in Edge version 85 can be found here: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-on-premises-sync
The new setting enables the creation of the “Profile.pb file” Note that Edge and Edge Beta saves the file in different locations per default which makes sense. The default location can be changed as well using a Group Policy as well if we want to point it to another folder. For MS Edge Beta the default folder is shown below.
To enable roaming using the local file we need to enable two Group Policies. “Configure automatic sign in with an Active Directory domain account when there is no Azure AD domain account” as shown below. NOTE: as the name indicates it will not work if the user exists in AzureAD in a Hybrid setup.
And then then we enable the creation of the profile.pb file by using the “Enable using roaming copies for Microsoft Edge profile data” as shown below.
If we look in MS Edge settings on the client we can see that the setting is applied.
I have posted the UE-V xml template for MS Edge beta as Edge Stable v.85 is not released when I write this post on Github here: https://github.com/Ccmexec/Other/tree/master/UE-V%20sample%20files Because the Edge Beta and Edge Stable saves the files in different locations I have created one for Beta and will post the one for Stable when it is released. The content of the file is really simple as shown below.