The Enterprise (MSI) version of Google Chrome includes a comprehensive Group Policy template, allowing many settings to be centrally controlled. One of these settings is “Managed Bookmarks,” which allows the administrator to push out a fixed set of bookmarks to all users.
As shown here, there are three methods to create managed bookmarks:
- JSON strings in the GPO editor
- JSON strings in the registry editor
- Expanded JSON in the registry
Reviewing those options, I initially looked to method #3, as dealing directly with the registry seemed the easiest of the methods. I tested the registry entries that needed to be made, confirmed everything was OK, and proceeded to configure Group Policy to import the registry keys. And it didn’t work. To be specific, the registry keys would not import.
After spending way too much time troubleshooting, I found the problem: Chrome’s Managed Bookmarks are stored at “HKCU\Software\Policies\Google\Chrome\ManagedBookmarks” – this is in the current user’s registry hive so it should be writable. Except it isn’t. If you check permissions on “HCKU\Software\Policies”, you’ll find the current user only has READ permissions to this particular branch of the registry. You need administrator privileges to write to the “Policies” key.
The obvious question is why? The “Policies” key contains group policy settings, as set by administrative templates. If a standard user could change settings in this key, it would give them the ability to override group policy.
The difficulty this creates for the way Chrome handles Managed Bookmarks is that neither of the registry options are viable for non-admin users. I suppose they could be useful if you wanted to preload bookmarks in your default profile, but otherwise there’s no viable way to use the registry to control the bookmarks. You’re left with the first option, directly entering JSON into the Group Policy editor.
I wrote a utility that will take a folder of url shortcuts (like how IE handles favorites) and create the appropriate JSON code. It’s too rough to share here but if anyone has interest in it, please post below and perhaps I’ll clean it up.
Stumbled onto your blog today, and man! Its nice to know that i’m not the only one suffering from a bunch of these same issues.. I have been using a JSON conversion site – to recreate all of the items manually and I would love to get my hands on a little utility to make that easier for me.
I am also a little curious if you made any progress on your trip down rabbit hole with the old Internet Explorer PINNED item on the Windows 10 Start Menu… I have three freshly imaged workstations deployed – all with the same .xml menu – they work beautifully except one of them – for reasons that are beyond me is missing the internet explorer shortcut..
Anyways nice blog and I’m glad I stumbled onto it – Trials of a network admin is fitting. “Tears of a network admin” would also be appropriate.
Jeff
LikeLike
Thanks for the comment and compliment. I agree about the “tears” part, sadly.
Regarding Chrome and the utility – I just reviewed the code and the reality is it’s rather specific to my circumstances, as I’m not just generating the JSON file but also a HTML file we need in a specific format for another purpose. That said, if you would like the source code (C# in Visual Studio), I’m happy to provide it. If you’re just looking for the JSON file you should not need to change too much as most of the challenge is getting the formatting correct, and I’ve already done that. Let me know.
As for IE and the Win 10 start menu, I would suggest checking that the IE shortcut itself exists in %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\ and that you’re using that shortcut in the XML file. Other than that I’d start looking at what differences may exist in the user’s and all users’ start menu folders; if the XML works on some machines and not others I think your problem lies with the shortcuts themselves.
James
LikeLike
James, thanks for following up. I must have missed the reply notification. Apologies for being late to the party..
As for my situation, I have come to grips with just updating the simple JSON string then feeding that to the GPO when I need to make a change. Thanks for your offer, but I don’t think it’s necessary. I was just re-visiting / updating them today actually which prompted me to stop by. I also eventually figured out my I.E. shortcut issue, and a whole bunch of other issues that were driving my OCD crazy. Only thing left for me is figuring out if I can assign some .ico favicons to my shortcuts, but its not really that big of a deal I suppose..
For any of the other guys looking to speed this up, check this site out – it makes it really easy to nest the folders: http://jsonformatter.org/
1) Paste your text
2) Select the nice little “Format / Beautify” button
3) On the opposite side, click the little “Code” button to reveal a dropdown menu
4) Select “Tree”
5) Click on the icons to the left of your menu, one lets you drag and drop the menu items, the other lets you sort, insert, duplicate, or remove items.
For I.E. – turns out I needed the files in the following locations:
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
I also found that the location of the LayoutModification.xml file mattered in my case..placing it here:
C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml
ensured that when new profiles were created, they all had lovely working start menus. We slipped this into our Win-10 .WIM file which meant that all of the new user profiles were created without issues.
LikeLike
Glad you were able to work this out. It’s certainly not as easy as things were with IE.
You may want to look at my post about the Win 10 start menu, as I struggled with this quite a lot and found out a few things in the process.
https://jprudente.wordpress.com/2015/12/09/customizing-the-windows-10-start-menu-for-enterprises/
LikeLike
I found an example of creating a couple bookmarks in Chrome at the top level (beneath “managed booksmarks”) and then creating a child group beneath that (in the example “chrome links” , with a couple of bookmarks in that folder (found here https://www.chromium.org/administrators/complex-policies-on-windows).
Great – I can get one child folder that contains a couple bookmarks in it, but I was hoping I could extend this further, creating child multiple folders under the top level (such as one for each department with bookmarks unique to that department in each folder).
I haven’t been able to resolve the proper JSON syntax to make this happen. At one point, I was able to create a folder within a folder, but I’d like all the folders to be at the same level with unique bookmarks in each folder.
Based on your experiences, I’m wondering if you have any knowledge/expertise you could share?
LikeLike
Robert, see if this helps:
[ { “name”: “Office 365 Portal”, “url”: “https://login.microsoftonline.com/” }, { “name”: “Sub Folder 1”, “children”: [ { “name”: “Bing”, “url”: “https://www.bing.com/” } ] }, { “name”: “Sub Folder 2”, “children”: [ { “name”: “Google”, “url”: “https://google.com/” } ] } ]
Run that through a JSON formatter to see what it looks like with whitespace. https://jsonformatter.curiousconcept.com/
I haven’t tested that with Chrome but I believe it’s the correct format for it to work.
LikeLike
Hi there-
We’re making the move from IE to Chrome and quickly realized what a pain the butt deploying bookmarks is. I stumbled on this post after a bunch of searching in hopes of finding a solution to help with this. Any chance you’d be willing to share the tool you’ve created to generate the JSON needed? Any chance it handles subfolder / “children”? We store our IE favorites across a number of sub-folders, some 2-3 levels deep, and that’s been the most challenging part in maintaining this code.
Thanks!
LikeLike
Tim, I just went through the code to refresh my memory. It will handle one (and only one) level of sub-folders. Handling nested folders would require some degree of recursion which I didn’t need and thus wasn’t inclined to put the effort into coding. There’s also a lot of extraneous code that generates an HTML page of links as well (which we use for something else), although you could just ignore the HTML files that are output.
Do you still want the code? If so, let me know and I’ll zip it and get it uploaded.
LikeLike
Hi there, could I get that little tool also? please.
LikeLike
Christopher, it’s not really a finished tool per se. I can send the C# code if you like but you would need to do some editing and be able to compile it with Visual Studio. Let me know if you still want it.
LikeLike
To whoever finds this. I took some time to make a utility that turns the Chrome Managed Bookmarks GPO JSON code into a tree view for editing. Then it can re-serialize it back into the, annoying in my opinion, JSON format that Chrome Managed Bookmarks uses.
You can find the msi installer for this tool here: https://github.com/somethingTacos/ChromeManagedBookmarksEditor
Hope this helps someone. 🙂
LikeLike
Sounds like a great tool John, thanks for posting!
LikeLike
At first I distributed all bookmarks through group policy preferences, but the list including all apps in the Start Menu got way too long.
This tool is awesome. Created a list of bookmarks for every department and added it to their Chrome policy. Looks great. Thank you very much!
LikeLike
Remarkable! Its genuinely amazing piece of writing, I have got much clear idea about from this
article.
LikeLike