Configuring Google Chrome Using Group Policy

Whether you are deploying computers in a public environment or a corporate environment, Google Chrome has a range of built in policies that you as a system administrator can configure, there are two methods of configuring policies for Chrome.

  1. Applying registry policies via a .reg file or other means.
  2. Using the Google Chrome ADMX policy templates and deploying the policies through Group Policy
The policies for Google Chrome are all registry based regardless of the method you choose, if deploying in a domain environment then group policy is likely more practical.

Google have different versions of Google Chrome you may not be aware of, I find that using the enterprise version of Chrome works well in deployments, you can find it at the following link.

Google Chrome Enterprise

Google Chrome ADMX Policies

Group policy ADMX templates for Google Chrome can be found below if you are planning to apply policies via group policy, the documentation on the use of these ADMX templates can be found on the Chromium website. 

Google Chrome ADMX Templates:

Google Chrome ADMX Documentation:

Google Chrome Registry Policies

Google Chrome policies can be applied in the registry under HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER in the following paths, full policy paths provided below:

Google Chrome: Software\Policies\Google\Chrome\

Chromium: Software\Policies\Chromium\

These policies are simple to create and apply by creating a simple .reg file, the following lists the 20 most common Google Chrome policies, how to apply them, including a final code sample.

20 Most Common Google Chrome Policies


The Force Ephemeral profiles policy ensures that any user data is cleared from Google Chrome between user sessions, this is an extremely useful policy for public used machines. ForceEphemeralProfiles can be applied with RegEdit with the following configuration.



Alternative configuration:

Value 0 - Ephemeral Profiles Disabled


This policy ensures that as users browse websites in Google Chrome that no browsing history is saved in Chrome.



Alternative configuration:

Value 0 - Saving browser history enabled


This policy prevents Google Chrome from syncing any data, can be used to disable syncing data to Google accounts that would otherwise sync your settings and preferences.



Alternative configuration:

Value 0 - Sync enabled


This policy can be used to disable the Google Chrome password manager so as users login to websites Chrome won't ask users if they would like to save their password in Chrome.



Alternative configuration:

Value 1 - Password manager enabled


This policy allows you to stop users from signing into Chrome with a Google account.



Alternative configuration:

Value 1 - Sign in allowed


This policy prevents access to the Chrome Webstore, preventing users from installing apps and extensions.



Alternative configuration:

Value 0 - Show web store icon


This policy works in addition to the previous policy, removing the Apps button from the bookmarks bar, and further preventing access to the Web store.



Alternative configuration:

Value 1 - Show apps shortcut in bookmarks bar


This policy keeps cookies only for the duration of the users session, when a user closes the browser all cookies are cleared.



Alternative configuration:

Value 0 - Allow all sites to set local data

Value 1 - Do not allow any site to set local data


This policy will disable the use of autofill in online forms and disable saving autofill data such as names, addresses .etc



Alternative configuration:

Value 1 - Enables autofill


This policy disables the use of autofill saving credit/debit card details for use in online purchases.



Alternative configuration:

Value 1 - Enables autofill credit card


This policy prevents users from adding additional user accounts or profiles to the Google Chrome browser.



Alternative configuration:

Value 1 - Enables adding users


Disables the guest mode built into Google Chrome.



Alternative configuration:

Value 1 - Enables guest mode


Disables Google Cloud print functionality in Google Chrome and stops users from signing in and adding Cloud Print printers.



Alternative configuration:

Value 1 - Enable Google Cloud Print


Stops Google Chrome from checking if Chrome is the default browser on startup and prevents users from changing the default browser settings.



Alternative configuration:

Value 1 - Allow Google Chrome to check if it is the default browser


Prevents users from adding or editing bookmarks in Google Chrome.



Alternative configuration:

Value 1 - Allow users to add or edit bookmarks


Stops Google Chrome from acting as a proxy between Google Cloud Print and Legacy printers connected to the computer.



Alternative configuration:

Value 1 - Allow Google Chrome to act as a Cloud Print proxy


This policy is configured as a key, if you create the key and leave it empty, all extension file types will be disabled so users can't sideload extensions.



This policy enables you to block particular webpages in Google Chrome, this also extend to blocking chrome settings pages and it primarily what it is used for. Blocking "chrome://settings/" for example will block users from accessing the settings page in Google Chrome.



For a full list of supported policies in Google Chrome, refer to the documentation at

Common Google Chrome RegEdit policies

For your convenience the following is the complete config for all of these common Google Chrome policies which you can customise for your needs, it's a perfect template you can use on public use machines.

Icons made by Freepik from

Was this helpful?

Yes No