How to disable IE11 using Intune
If you have been following the messages in the message center in Microsoft 365 Admin portal, then you must have seen the recent message MC316144 for the retirement of IE set for June 15, 2022.
So what does this really mean? If you are still using IE11 in your organization, then all access attempts made by the end users to the browser will get redirected to Microsoft Edge because IE11 desktop application will no longer be supported. Note: Windows 10 LTSC and Server not affected.
As the first step, I will suggest to check the Browser usage report dashboard in Microsoft 365 Admin Portal. This can be accessed by navigating to Reports>Usage.
In my case, I didn't want to wait until June 2022 for IE11 browser to stop working and so decided to disable IE11 altogether and have access requests redirected to Microsoft Edge. Here how you can do it using Intune.
1. Sign-in to the Microsoft Endpoint Manager Admin Center
2. Browse to Devices – Windows – Configuration Profiles
3. Click Create Profile
4. Select Platform as Windows 10 and later
5. Select Profile as Templates>Custom
6. Provide a Name and hit next.
7. Click on Add and provide the following values -
Name - DisableInternetExplorerApp
OMA-URI - ./Device/Vendor/MSFT/Policy/Config/InternetExplorer/DisableInternetExplorerApp
Data Type - String
Value - <enabled/><data id="NotifyDisableIEOptions" value="1"/>
Other possible values that can be used -
0 - Never if you don’t want to notify users that IE11 is disabled.
1 - Always if you want to notify users every time they're redirected from IE11.
2 - Once per user if you want to notify users only the first time they are redirected.
8. Assign to a user or device based group.
When you enable the Disable Internet Explorer 11 as a standalone browser policy, users have the following experience:
-The IE11 icon on the Start Menu will be removed, but the one on the taskbar will remain.
-When users try to launch shortcuts or file associations that use IE11, they will be redirected to open
the same file/URL in Microsoft Edge.
-When users try to launch IE11 by directly invoking the iexplore.exe binary, Microsoft Edge will launch instead. (Unless you set the value for NotifyDisableIEOptions to 1 or 2)
End User Experience & Compliance
On launching the IE11 standalone app, user will see the following message.
Values can be checked in registry, as shown below.
That's it for now. Until next time..
Comments
Post a Comment