In this blog post I will start be how easy it is to deploy Edge on macOS that are managed with Intune

In my case I have used Xcode on a mac to change the example file from the Edge policy download. Xcode can be downloaded directly from Mac App Store.
Be aware that when it is stated in the Edge docs that you should use data type Integer, then you need to use Number in Xcode

Here is the example file from Edge policy in Xcode

edge plist.png

Note: when you are using a tool like Xcode to change or create the plist file you don’t need to be concerned about have the plist file in the correct format

After you changed the settings to match the security baseline then you need to save it again. There is no official security baseline for Edge on macOS, I have used the same settings that are set in the security baseline on Windows. You can also download the Security Baseline for Edge on macOS from my Github

edge security baseline xcode.png

When you are deploying a Plist from Intune – yhe file should only have key value pairs, and shouldn’t be wrapped in <dict><plist>, or <xml> tags.
If you are trying to deploy the plist with the tags – Intune will not apply the plist on the mac and it will show as Not applicable in Intune status.

Plist

 


Create the macOS Edge App in Intune:

Start Microsoft Endpoint Manager admin center

  1. Click on Apps
  2. Click macOS

Edge App MAC - 01

  1. Click on Add

Edge App MAC - 02

  1. Select macOS (preview)

Edge App MAC - 03

Click Next

Edge App MAC - 04

  1. Select Channel : Stable

Edge App MAC - 05

If you need to have scope tags add it here or just click next

Edge App MAC - 06

Add your assignment – in my case I assigned it to all devices

Edge App MAC - 07

Now you can do a sync in the company portal on your macOS and Edge will be installed

 


Create the macOS security baseline in Intune:

Start Microsoft Endpoint Manager admin center

  1. Click on Devices
  2. Click macOS

Edge Mac policy - 01

  1. Click Configuration profiles
  2. Click Create profile

Edge Mac policy - 02

  1. Enter a name : Edge Security Baseline Mac
  2. Select Platform : macOS
  3. Select Profile type : Preference file
  4. Click Settings
  5. Enter Custom configuration profile name : Edge Security Baseline Mac 79
  6. Click and upload your com.microsoft.Edge

Plist intune

Assign the profile to a user or device group where you want to test the security baseline

 


End user experience:

The end user can see what policies that the IT admin has been configuring and deploying to their devices by entering edge://policy in the Edge browser

Edge policy Apply mac 01.png

 


Read more:

Security baseline (FINAL) for Chromium-based Microsoft Edge, version 79
Microsoft Edge is the browser for business
Microsoft Edge – Policies
Add a property list file to macOS devices using Microsoft Intune