LibKey Nomad Intune Deployment (Chrome)

Modified on Fri, 17 Oct at 9:38 AM

Deploy Chrome Enterprise Using Intune


(Note: This deploys the version of Chrome Enterprise that is current at the time of installation; Chrome then updates on its own or at the interval you set.)


Part 1: Download the Google Chrome Enterprise Browser


Part 2: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com


  1. On the left side of the screen, click on "Apps"
  2. Click on "All Apps"
  3. Click on "Add" to add a new app
  4. Select the App Type: "Line-of-business app" under the "Other" category
  5. Confirm your selection
  6. Click "Select app package file"
  7. Click on "Select a file"
  8. Go to where you downloaded the Chrome installer and double-click on it
  9. Confirm your selection
  10. Make sure the Name, Description, and Publisher are filled out; for Publisher you can just put: Google
  11. Leave all of the remaining default settings alone
  12. If you want, you can set a logo for the app - This is recommended and can be downloaded from Google Images
  13. Click to continue to the next step
  14. Choose "Add Group" under the required groups
  15. Search for the group(s) to whom this will be deployed
  16. Confirm your selection
  17. Click to continue to the next step
  18. Review the Intune settings (groups, etc) and make any changes if needed for your organization
  19. Create the app


The app will now go through the creation process and will upload the installer package to your Microsoft Intune Admin Center so that it can be deployed to machines.


Configure LibKey Nomad for Deployment

Part 1: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com

  1. On the left side of the screen click on "Devices"
  2. Under "Manage Devices" click on "Configuration"
  3. Create a new policy
  4. Click on "New Policy"
  5. Under "Select Platform" click on "Windows 10 and later"
  6. Under "Profile Type" click on "Settings Catalog"
  7. Confirm your selection
  8. Under "Name" type: LibKey Nomad Policy Setting
  9. Under "Description" type: LibKey Nomad Extension Setting - Configure the list of force-installed apps and extensions
  10. Click to continue to the next step
  11. Click on "Add settings"
  12. In the "Settings picker" scroll down and click on the drop down arrow next to "Google"
  13. Click on "Google Chrome". (Note: DO NOT click on "Google Chrome - Default Settings")
  14. Scroll down in the Settings Sub-Categories that are now visible and check the box next to "Configure list of force-installed Web Apps" (Note: DO NOT click on "Configure the list of force-installed Web Apps (User)")
  15. Move your attention to the newly populated section on the left of the window
  16. Click on the toggle to enable the new setting that you've added
  17. In the blank box copy and paste the following: lkoeejijapdihgbegpljiehpnlkadljb;https://clients2.google.com/service/update2/crx
  18. Click to continue to the next step

  19. Click to continue to the next step
  20. Under "Included Groups" click "Add Groups"
  21. Search for the group(s) to whom this will be deployed
  22. Confirm your selection
  23. Click to continue to the next step
  24. Review the Intune settings (groups, etc) and make any changes if needed for your organization
  25. Create the policy



Create LibKey Nomad Intune Remediation

Part 1: Create & Edit the PowerShell scripts to apply to your organization

  1. Open a new PowerShell window and copy/paste the following script: (Note: You can use something like PowerShell ISE or Visual Studio Code to create PowerShell files)
<#
.DESCRIPTION
    Below Powershell script will Check the existence of
    Nomad registry Key.
    Author: Kris Carlson
    Site: thirdiron.com
    Version: 1.0.0
#>

<# NO EDITS NEEDED IN THIS SCRIPT #>

$regPath = "HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb\policy"
$value = Test-Path $regPath
if($value){
        Write-host "Reg Key already Exists. No Action Required"
        Exit 0
}
Else{
        Write-host "Reg Key does not exist"
        Exit 1    
}

  2. Save the script as "Detect_reg_key.ps1"

  3. Open a new PowerShell window and copy/paste the following script:

<#
.DESCRIPTION
    Below Powershell script will Check the existence of
    Nomad registry Key. If it does not exist, It will create it and
    Also creates one registry entry under this key which is String Value.
    Author: Kris Carlson
    Site: thirdiron.com
    Version: 1.0.0
#>
$regPath = "HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb\policy"
$value = Test-Path $regPath

<# ONLY EDIT THE FOLLOWING VARIABLE #>
$libraryId = "INSERT-LIBRARY-ID-HERE"

<# DO NOT EDIT BELOW THIS LINE #>

if(!$value){
    # Only write the value if the Library ID is purely numeric
    if($libraryId -match "^\d+$"){
        try{
            Write-Host "Creating Reg Key"
            New-Item -Path HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\lkoeejijapdihgbegpljiehpnlkadljb -Name policy -Force | Out-Null
            New-ItemProperty -Path $regPath -Name 'libraryId' -Value $libraryId -PropertyType String | Out-Null
            Exit 0
        }
        Catch {
            Write-Host "Error Creating Reg Key"
            Write-Error $_
            Exit 1
        }
    }
    else{
        # Exit non-zero so Intune does not report this remediation as successful
        Write-Host "Invalid Library ID Entered"
        Exit 1
    }
}
Else{
    Write-Host "Reg Key already Exists. No Action Required"
    Exit 0
}

  4. Change the value for $libraryId from "INSERT-LIBRARY-ID-HERE" to your Library ID (For Example: 1234) - (Note: This should be a numerical value only)

How to locate your Third Iron Library ID - more details

  5. Save the script as "Remediate_reg_key.ps1"


Part 2: Log in to your Microsoft Intune Admin Center @ intune.microsoft.com

  1. On the left side of the screen click on "Devices"
  2. Under "Manage Devices" click on "Scripts and Remediations"
  3. Click to create a remediation
  4. Under "Name" type: LibKey Nomad Registry Settings
  5. Under "Description" type: LibKey Nomad Registry Settings - Configure the Library ID
  6. Click to continue to the next step
  7. For "Detection Script File" click on "Select a file"
  8. Locate the "Detect_reg_key.ps1" file that you created and double-click on it
  9. For "Remediation Script File" click on "Select a file"
  10. Locate the "Remediate_reg_key.ps1" file that you created and double-click on it
  11. Click to continue to the next step
  12. Click to continue to the next step
  13. Under "Included Groups" click "Select groups to include"
  14. Search for the group(s) to whom this will be deployed
  15. Click to confirm the selection
  16. Click to continue to the next step
  17. Review the Intune settings (groups, etc) and make any changes if needed for your organization 
  18. Create the remediation


Deploy Intune Changes

At this point, you can force a sync of all devices in the groups you selected for deployment, or simply wait for your next sync, which usually happens anywhere from once per hour to once per day depending on how you've set up your Intune Device Check-In Settings.
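
Once a device has synced, the deployed state can be checked locally. The script below is an added example, not part of Third Iron's instructions: it confirms that the force-install entry pairs the LibKey Nomad extension ID with exactly the update URL pasted into the policy, and that libraryId holds the expected numeric value. It assumes the Intune setting is written to Chrome's ExtensionInstallForcelist policy key and uses 1234 as a placeholder Library ID; Test-NomadDeployment is a name chosen for this example.

```powershell
# Added example, not Third Iron's code. Save as a .ps1 file and run it
# on a managed device after the Intune sync.
$extensionId     = 'lkoeejijapdihgbegpljiehpnlkadljb'                 # from the page
$expectedUpdate  = 'https://clients2.google.com/service/update2/crx'  # from the page
$expectedLibrary = '1234'   # placeholder: replace with your numeric Library ID

$chromeRoot = 'HKLM:\Software\Policies\Google\Chrome'
$policyKey  = "$chromeRoot\3rdparty\extensions\$extensionId\policy"   # from the page
$forceKey   = "$chromeRoot\ExtensionInstallForcelist"                 # assumed policy location

function Test-NomadDeployment {
    $findings = @()

    # 1. Force-install entry: the ID must be paired with the expected update URL only.
    $entries = @()
    if (Test-Path $forceKey) {
        $props = Get-ItemProperty -Path $forceKey
        $entries = @($props.PSObject.Properties |
            Where-Object { $_.Name -notlike 'PS*' } |      # skip provider metadata
            ForEach-Object { [string]$_.Value } |
            Where-Object { $_ -like "$extensionId*" })
    }
    if ($entries.Count -eq 0) {
        $findings += "No force-install entry for $extensionId under $forceKey"
    }
    foreach ($entry in $entries) {
        if ($entry -ne "$extensionId;$expectedUpdate") {
            $findings += "Unexpected force-install entry: $entry"
        }
    }

    # 2. Extension policy value written by Remediate_reg_key.ps1.
    $lib = $null
    if (Test-Path $policyKey) {
        $lib = (Get-ItemProperty -Path $policyKey -Name libraryId -ErrorAction SilentlyContinue).libraryId
    }
    if ($null -eq $lib) { $findings += "libraryId is missing under $policyKey" }
    elseif ($lib -notmatch '^\d+$') { $findings += "libraryId is not numeric: $lib" }
    elseif ($lib -ne $expectedLibrary) { $findings += "libraryId is $lib, expected $expectedLibrary" }

    return $findings
}

$result = @(Test-NomadDeployment)
if ($result.Count -eq 0) { Write-Host 'LibKey Nomad policy state matches the deployment'; exit 0 }
$result | ForEach-Object { Write-Host $_ }
exit 1
```

Detect_reg_key.ps1 only tests that the policy key exists, so a key with a missing or wrong libraryId still passes detection; this check reports that case.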