Step 1
Paste Your API Token
Generate a token in the Admin Console under API Tokens, then paste it here. All scripts update automatically.
● Waiting for token
Step 2 — Choose Browser
Step 3 — Choose Deployment Method
Registry File
Double-click to apply
PowerShell
Run as Administrator
Intune
Silent MDM deployment
Group Policy
Active Directory
📄 Windows Registry File
Configures Microsoft Edge managed storage
Windows Registry Editor Version 5.00 ; Microsoft Edge [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\libdegmefidclooimlkcfmoibfjbmmkf\policy] "api_token"="PASTE_YOUR_TOKEN_ABOVE" "api_url"="https://api.domainguard.co" ; Google Chrome [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\glkalfinoghechlhemghdbamejegecem\policy] "api_token"="PASTE_YOUR_TOKEN_ABOVE" "api_url"="https://api.domainguard.co"
⚡ PowerShell Script
Run as Administrator on each machine
# DomainGuard Deployment Script # Run as Administrator $EdgeExtId = "libdegmefidclooimlkcfmoibfjbmmkf" $ChromeExtId = "glkalfinoghechlhemghdbamejegecem" $ApiToken = "PASTE_YOUR_TOKEN_ABOVE" $ApiUrl = "https://api.domainguard.co" # Edge $EdgePath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$EdgeExtId\policy" New-Item -Path $EdgePath -Force | Out-Null Set-ItemProperty -Path $EdgePath -Name "api_token" -Value $ApiToken Set-ItemProperty -Path $EdgePath -Name "api_url" -Value $ApiUrl # Chrome $ChromePath = "HKLM:\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ChromeExtId\policy" New-Item -Path $ChromePath -Force | Out-Null Set-ItemProperty -Path $ChromePath -Name "api_token" -Value $ApiToken Set-ItemProperty -Path $ChromePath -Name "api_url" -Value $ApiUrl Write-Host "DomainGuard configured for Edge and Chrome!" -ForegroundColor Green Write-Host "Restart browsers to apply." -ForegroundColor Yellow
☁️ Microsoft Intune
1
Force install the extension
Intune → Devices → Configuration → Settings catalog → Microsoft Edge → Extensions → Configure the list of force-installed extensions
libdegmefidclooimlkcfmoibfjbmmkf;https://edge.microsoft.com/extensionwebstorebase/v1/crx
2
Configure managed storage
Navigate to Configure extension management settings and paste this JSON:
{
"libdegmefidclooimlkcfmoibfjbmmkf": {
"installation_mode": "force_installed",
"update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",
"managed_configuration": {
"api_token": "PASTE_YOUR_TOKEN_ABOVE",
"api_url": "https://api.domainguard.co"
}
}
}
For Chrome — use the same settings catalog under Google Chrome:
{
"glkalfinoghechlhemghdbamejegecem": {
"installation_mode": "force_installed",
"update_url": "https://clients2.google.com/service/update2/crx",
"managed_configuration": {
"api_token": "PASTE_YOUR_TOKEN_ABOVE",
"api_url": "https://api.domainguard.co"
}
}
}
3
Assign and deploy
Assign the policy to your device group and save. Extension installs silently on next Intune sync (1–8 hours).
🌀 For Google Chrome via Intune
In Intune, navigate to Google Chrome → Extensions → Configure the list of force-installed extensions and add:
glkalfinoghechlhemghdbamejegecem;https://clients2.google.com/service/update2/crx
Then in Configure extension management settings add:
{
"glkalfinoghechlhemghdbamejegecem": {
"installation_mode": "force_installed",
"update_url": "https://clients2.google.com/service/update2/crx",
"managed_configuration": {
"api_token": "PASTE_YOUR_TOKEN_ABOVE",
"api_url": "https://api.domainguard.co"
}
}
}
🏢 Group Policy (GPO) Deployment
For on-premise Active Directory environments. Deploys the extension silently to all machines in a target OU.
⚠ Prerequisite: Browser ADMX policy templates must be installed on your domain controller.
Edge ADMX ↗
·
Chrome ADMX ↗
1
Open Group Policy Management
On your Domain Controller, open Group Policy Management (gpmc.msc). Right-click your target OU and select Create a GPO in this domain, and link it here. Name it DomainGuard — Browser Extension.
2
Force install — Edge
Right-click the GPO → Edit. Navigate to:
Computer Configuration → Policies → Administrative Templates
└─ Microsoft Edge → Extensions
└─ Configure the list of force-installed extensions
└─ Microsoft Edge → Extensions
└─ Configure the list of force-installed extensions
Add this value:
libdegmefidclooimlkcfmoibfjbmmkf;https://edge.microsoft.com/extensionwebstorebase/v1/crx
2b
Force install — Chrome
Navigate to:
Computer Configuration → Policies → Administrative Templates
└─ Google Chrome → Extensions
└─ Configure the list of force-installed extensions
└─ Google Chrome → Extensions
└─ Configure the list of force-installed extensions
Add this value:
glkalfinoghechlhemghdbamejegecem;https://clients2.google.com/service/update2/crx
3
Configure managed storage (API token)
In the same Extensions folder, find Configure extension management settings. Double-click → Enabled → paste this JSON:
{
"libdegmefidclooimlkcfmoibfjbmmkf": {
"installation_mode": "force_installed",
"update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",
"managed_configuration": {
"api_token": "PASTE_YOUR_TOKEN_ABOVE",
"api_url": "https://api.domainguard.co"
}
},
"glkalfinoghechlhemghdbamejegecem": {
"installation_mode": "force_installed",
"update_url": "https://clients2.google.com/service/update2/crx",
"managed_configuration": {
"api_token": "PASTE_YOUR_TOKEN_ABOVE",
"api_url": "https://api.domainguard.co"
}
}
}
4
Apply and verify
Close the editor and run on target machines:
gpupdate /force
Then fully restart the browser. The extension appears in the toolbar automatically.
⚡ Alternative — Create GPO via PowerShell
Run this on your Domain Controller (requires RSAT Group Policy tools):
# DomainGuard - Create GPO via PowerShell # Run on Domain Controller as Administrator $GpoName = "DomainGuard - Browser Extension" $TargetOU = "OU=Computers,DC=yourdomain,DC=com" # UPDATE THIS $EdgeExtId = "libdegmefidclooimlkcfmoibfjbmmkf" $ChromeExtId = "glkalfinoghechlhemghdbamejegecem" $ApiToken = "PASTE_YOUR_TOKEN_ABOVE" $ApiUrl = "https://api.domainguard.co" Import-Module GroupPolicy $Gpo = New-GPO -Name $GpoName -Comment "Forces DomainGuard extension on Edge and Chrome" Write-Host "Created GPO: $GpoName" -ForegroundColor Green # Force install - Edge Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist" ` -ValueName "1" -Type String ` -Value "$EdgeExtId;https://edge.microsoft.com/extensionwebstorebase/v1/crx" # Force install - Chrome Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist" ` -ValueName "1" -Type String ` -Value "$ChromeExtId;https://clients2.google.com/service/update2/crx" # Managed storage - Edge Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$EdgeExtId\policy" ` -ValueName "api_token" -Type String -Value $ApiToken Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$EdgeExtId\policy" ` -ValueName "api_url" -Type String -Value $ApiUrl # Managed storage - Chrome Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ChromeExtId\policy" ` -ValueName "api_token" -Type String -Value $ApiToken Set-GPRegistryValue -Name $GpoName ` -Key "HKLM\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ChromeExtId\policy" ` -ValueName "api_url" -Type String -Value $ApiUrl # Link GPO to OU New-GPLink -Name $GpoName -Target $TargetOU -Enforced Yes Write-Host "GPO linked to: $TargetOU" -ForegroundColor Green Write-Host "Done! Run gpupdate /force on target machines." -ForegroundColor Yellow
⚠ Update
$TargetOU to your Active Directory OU path before running.Extension IDs
💬 Need help with deployment? Email support@domainguard.co and we'll walk you through it.