Set IE as default for Windows 10 Intune (SCCM/Hybrid) clients
One of the first questions we are generally asked with Windows 10 is “How do I make Internet Explorer my default browser instead of Edge?”
Now we could have a whole discussion around Edge vs IE, but that’s not the point of this post. 🙂
Today’s post we will outline changing the default application associations, specifically the Browser, however the same process is used for any application association you may wish to change.
Our environment is as follows:
System Center Configuration Manager Current Branch 1706 with Intune integrated.
A Surface Book running Windows 10 Enterprise that has been joined to Azure AD and enrolled in Microsoft Intune.
Let’s get started!
Create the association file:
On any reference Windows 10 device, go to Settings > Apps > Defaults. Configure Internet Explorer as the default web browser (as well as any other default apps as you see fit).
Now we need to export the default apps xml file using the following DISM command.
Dism /online /Export-DefaultAppAssociations:C:\AppAssoc.xml
Convert XML to Base64:
The contents of this file must be encoded to Base64 for the OMA URI setting value in SCCM. Don’t have an encoder? No worries, Bing has you covered.
Open the exported XML and copy the content to your clipboard.
Open Bing and search for Base64 Encoder.
Paste the clipboard content into the provided field and click Encode.
Copy the contents of the encoded results (place in OneNote or notepad doc for now).
Creating SCCM Configuration Item setting:
Create a new Configuration Item or edit an existing if you already have a Win 10 Baseline. If you create a new one, be sure to Select “Windows 8.1 and Windows 10″under Settings for devices managed without the configuration manager client.
In our example we are modify an existing CI. On the Settings tab click New.
Give it a meaningful name.
Set Setting type: OMA URI
Set Data type: String
Paste the following string into the OMA-URI field:
Click the Compliance Rules tab, then click New.
Enter a name, then Paste Base64 content into the values field.
Ensure Remediate noncompliant rules when supported is checked and click OK.
Click OK again.
Click OK again.
Create a new baseline and add the Configuration Item to it. In our example we already have a baseline so we just verify its set to the Latest Configuration data.
Deploy the Baseline to the desired collection that contains your Windows 10 Mobile device client(s). As with anything, this should be tested against a test computer before deploying to production to ensure you get the desired results.
Give it a several minutes to upload the policy to the Intune service.
Verifying the results:
To test quickly from the device that is Intune enrolled in your Hybrid configuration and a member of the collection you deployed the baseline to, you can force a sync by going to Settings > Accounts > Access Work or school.
Click the Connected entry then click Info.
Click Sync and wait for it to complete.
You should see new options appear under the Areas Managed By..
For the setting to take effect, you must logoff the computer, then log back in.
Check your Default apps again. You should now see Internet Explorer set as the default browser.
So although it takes a few steps to get there, as you can see it’s fairly easy to accomplish. Your legacy Web sites will now thank you!
Stay tuned for more tips on configuring and managing Hybrid Intune joined Windows 10 devices. My next post will cover how to remove the annoying default browser check in Edge, now that you set IE as the default.