Microsoft released a new Edge Browser based on the Google Engine Chromium a few weeks ago. This will be installed over an existing installation, but can also be installed on server systems that did not have an Edge Browser before. It is interesting that this Edge can be installed without problems on older systems like Server 2012 R2 or Windows 8.1. Nice is that the new Edge-Browser can be virtualized easily with App-V. We have been using an App-V variant of the application since the release and have had no problems with it so far.
Note: The document Virtualizing Edge with App-V is especially thanks to Thorsten @endi24. Thanks for the support! Furthermore I thank @bsplittg for testing the package.
The package works on current and on all older Microsoft operating systems when created with a classic (not ADK) sequencer (App-V 5.1). The Edge App-V package can work parallel to an existing Edge. An App-V Edge browser has its own settings, if you like. For example, your own homepage or another search engine. All this is only valid for Windows systems. Because the new Edge-Browser is also available for MacOS!
You can find this browser as an online installation under:
https://www.microsoft.com/en-us/edge
Or in Germany under:
https://www.microsoft.com/de-de/edge
Furthermore an insider version can be found under:
https://www.microsoftedgeinsider.com/de-de/download/
For us, however, the offline version of the new Edge is most interesting. You can find it here:
https://www.microsoft.com/en-us/edge/business/download
At the time of this blog, version 81 (Current) is the current "stable" version that we want to use for the App-V package. As a prerequisite for packaging with App-V we recommend offline version of the application. There is currently no MSIX version available for download. Microsoft itself does not seem to rely on the new technology, although Office 365 will be distributed soon. We get a classic MSI package "MicrosoftEdgeEnterpriseX64.msi" for installation. Edge installs itself completely to:
"c:\Program Files x86\Microsoft\Edge"
"c:\Program Files x86\Microsoft\Edge Update"
By default, Microsoft stores user data for Edge under %localappdata%\Microsoft\Edge\User Data This is bad because this is not a roaming path. FSLogix users are off the hook here. For App-V we can include the path in the package. The folder can be changed via a start parameter and redirected to
%AppData% (if needed).
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --user-data-dir=%AppData%\EdgeBusiness.
This will be considered in the sequencing phase. Nevertheless, it is problematic to have these files in the App-V package. If the PackageID changes, App-V will look for files elsewhere and the user will lose his configuration. It is best to exclude AppData and configure the Edge via Group Policy! We leave it here in the package anyway.
A 64 bit version of Edge will still be installed after c:\Programm Files (x86)! A DCOM subsystem is found which cannot be virtualized. Mostly they are not needed in the applications.
{1FCBE96C-1697-43AF-9140-2897C7C69767} (LocalService)
When we search for the component, we see that it is the Edge Elevation Service.
In Chrome, the Elevation_Service is a standalone executable that is installed by the Chrome browser on the user's computer. You can find it at "C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.53\elevation_service.exe". This service is used in Chrome to install components and updates that require higher rights. We do not want both in an App-V package. On the contrary - we disable or delete these services.
On a server or desktop where Citrix VDA is installed, starting one of the Edge will result in a white window. This does not happen with the App-V package. If you want to know more about this you can find a blog here:
There may also be a problem with the Edge Sandbox. Here it can happen that audio (microphone) is not properly supported. This can be disabled using the Edge Group Policies. So far I have heard several statements about this. The problem does not seem to exist generally or is version dependent.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge AudioSandboxEnabled = 0
Or the call (link) with :
-disable-features=AudioServiceSandbox
We will move the user data from Edge to the roaming part later. Here Microsoft seems to have adopted Crome's bad concept of saving everything to AppDataLocal. FSLogix has no problem here and this part may be ignored.
There is a nice article about profile management here. Among others Citrix Profilemanager and VMWare DEM are discussed. Note that the App-V recipe below redirects everything to %Appdata%. Therefore the paths change. So we rather have to exclude paths. Especially for FSLogix the cache path
Exclusion if saved after AppDataLocal:
Appdata\Local\Microsoft\Edge\User Data\Default\Cache
Exclusion for FSLogix and Microsoft Roaming Profiles when saving to AppData:
Appdata\Roaming\Microsoft\Edge\Default\Cache
Optional:
Appdata\<ROAMING>Microsoft\Edge\User Data\Default\JumpListIconsMostVisited
Appdata\<ROAMING>\ Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed
AppData\<ROAMING>\Microsoft\Edge\User Data\Default\Media Cache
Services are deactivated:
Recommended settings can be found under Edge://settings/Profiles.
Add more languages if required.Add more languages if required.
Edge://settings/languages
New languages (here German & English):
Background settingsBackground settings
Edge://settings/System
Edge starts background services after the browser is closed and communicates continuously (as does Chrome). This is undesirable behavior for me. Especially for an App-V package. With terminal servers the configuration has an additional negative effect. Background activities are better deactivated here.
If you want the package to work on older systems you have to use an App-V 5.1 sequencer. For current environments I recommend the sequencer from the ADK 1807.
Especially the folder [{ProgramFilesX86}]\Microsoft\Edge\Application\81.0.416.53\Installer can be deleted. Here is a complete setup once again. Other elements are [{SystemX86}], [{Windows}]\Serviceprofiles (services) and [{AppVPackageDrive}]\Boot (why should something be changed on the BCD?).
<?xml version=“1.0“ encoding=“utf-8“?> <SequencerTemplate xmlns:xsd=“http://www.w3.org/2001/XMLSchema“ xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance“> <AllowMU>false</AllowMU> <AppendPackageVersionToFilename>true</AppendPackageVersionToFilename> <AllowLocalInteractionToCom>false</AllowLocalInteractionToCom> <AllowLocalInteractionToObject>false</AllowLocalInteractionToObject> <FullVFSWriteMode>false</FullVFSWriteMode> <ExcludePreExistingSxSAndVC>false</ExcludePreExistingSxSAndVC> <FileExclusions> <string>[{CryptoKeys}]</string> <string>[{Common AppData}]\Microsoft\Crypto</string> <string>[{Common AppData}]\Microsoft\Search\Data</string> <string>[{Cookies}]</string> <string>[{History}]</string> <string>[{Cache}]</string> <string>[{Local AppData}]</string> <string>[{LocalAppDataLow}]</string> <string>[{Personal}]</string> <string>[{Profile}]\Local Settings</string> <string>[{Profile}]\NTUSER.DAT.LOG1</string> <string>[{Profile}]\NTUSER.DAT.LOG2</string> <string>[{Recent}]</string> <string>[{Windows}]\Debug</string> <string>[{Windows}]\Logs\CBS</string> <string>[{Windows}]\Temp</string> <string>[{Windows}]\WinSxS\ManifestCache</string> <string>[{Windows}]\WindowsUpdate.log</string> <string>[{AppVPackageDrive}]\$Recycle.Bin</string> <string>[{AppVPackageDrive}]\System Volume Information</string> <string>[{AppData}]\Microsoft\AppV</string> <string>[{Local AppData}]\Temp</string> <string>[{ProgramFilesX64}]\Microsoft Application Virtualization\Sequencer</string> <string>[{Profile}]</string> <string>[{AppVPackageDrive}]\Boot</string> <string>[{Windows}]\ServiceProfiles</string> <string>[{SystemX86}]</string> <string>[{Quick Launch}]</string> <string>[{User Pinned}]</string> <string>[{System}]</string> <string>[{Common AppData}]</string> <string>[{ProgramFilesX86}]\Microsoft\Edge\Application\81.0.416.53\Installer</string> <string>[{Common Programs}]</string> </FileExclusions> <RegExclusions> <string>REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography</string> <string>REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Streams</string> <string>REGISTRY\MACHINE\SOFTWARE\Microsoft\AppV</string> <string>REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\AppV</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Microsoft\AppV</string> <string>REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Wow6432Node\Microsoft\AppV</string> </RegExclusions> <TargetOSes /> </SequencerTemplate>
Delete: all MSI files under C:\Windows\Installer. Attention: do not delete everything. Important exe files, DLLs and icons may be located here.
Press the checkbox "Installation is complete" and continue with
The Starting the Edge application is optional (settings become part of the package):
If you want to edit the package you can delete the msi packages under c:\Windows\Installer (only those). Otherwise the package is ready to use. Especially the exclusion element "[{ProgramFilesX86}]\Microsoft\Edge\Application\81.0.416.53\Installer" reduces the package size by about 250
MB. Attention firewall settings:
These can be set with a script if required (An example from my German blog: https://www.software-virtualisierung.de/app-v/windows-firewall-ports-automatisch-fuer-ein-app-v-paket-oeffnen.html)
Further references: https://www.askwoody.com/2020/privacy-update-brave-is-the-most-private-browser-edge-blabs-like-crazy/
Comments