Prevent Unauthorized Profile Creation in Microsoft Edge Using Intune Policies
In today’s work environment, it's really important to keep browser use under control to protect company data and stay compliant. There's a way to use Microsoft Intune to make sure employees can only sign in to Microsoft Edge with their corporate account—and block them from adding personal or extra profiles. This helps prevent data leaks by keeping personal identities out of the corporate setup, and it strengthens overall security.
Step 1: Sign in to Microsoft Intune Admin Center
https://intune.microsoft.combbgngnn
Steps 2 : Click Device then go to configuration
Steps 3 : Device configuration pane policy check box create policy
steps 4 :
create profile → Platform Windows 10 and later Profile type Setting catalog then Click create
Steps 4 : Name your profile
Steps 5 In Configuration settings, click + Add settings
Step 6 :
Search for: Edge then click Microsoft Edge
expand and find → Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page 
Step 7 :
then click Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page
after that the setting auto added left side 
Steps 8 : To Disable Profile Creation:Enable profile creation from the Identity flyout menu or the Settings page = Disabled then click next
Step 1: Sign in to Microsoft Intune Admin Center
https://intune.microsoft.combbgngnn
Steps 2 : Click Device then go to configuration
Steps 3 : Device configuration pane policy check box create policy
steps 4 :
create profile → Platform Windows 10 and later
Steps 4 : Name your profile
Steps 5 In Configuration settings, click + Add settings
Step 6 :
Search for: Edge then click Microsoft Edge
expand and find → Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page
Search for: Edge then click Microsoft Edge
expand and find → Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page
Step 7 :
then click Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page
after that the setting auto added left side
then click Microsoft Edge and find enable profile creation from the identity flyout menu or the settings page
after that the setting auto added left side
Steps 8 : To Disable Profile Creation:
Step 9: scope tags without change then next
Step 10 :After creating your policy, the next step is to assign it to the necessary group. This is what specifies who receives the policy assign department, all user group or all devices in your organization requirement .
Step 11: Review & Create
Review the configuration summary
Click Create
Review the configuration summary
Click Create
After creating the policy, we can see device configuration. Then, the user can see that the Edge disabled profile policy 
Microsoft Edge users will only be allowed to access their work accounts after you've configured the Intune policy to block personal profiles. Personal accounts will not be accessible. Only organizational profiles are therefore allowed. To get an idea of reference, look at the screenshots below.
Policy Validation:To confirm the policy has been applied successfully, you can verify the following registry setting on the target machine:
Registry Path:Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge
Setting:BrowserProfileEnabled = 0 
After creating the policy, we can see device configuration. Then, the user can see that the Edge disabled profile policy
Policy Validation:
To confirm the policy has been applied successfully, you can verify the following registry setting on the target machine:
Registry Path:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge
Setting:
BrowserProfileEnabled = 0
Tags:
INTUNE
Insightful article 💡
ReplyDelete