In the Chrome UI, there's an avatar displayed next to the settings dots which when pressed allows the user to perform actions related to users of Chrome. They can add a user. If they go into 'other people' settings they can remove a previously added user. And the user can chose to sign in if they want to sync things like bookmarks across devices.
There's also a guest option, which allows a guest user to have their own temporary profile; this allows someone to use Chrome without messing up the other persons history, bookmarks or cookies. This guest account can be turned off by using the BrowserGuestModeEnabled Chrome policy.
How can I prevent the user from adding additional accounts (or removing any that are in place)? I thought maybe BrowserSignin would work, but it doesn't seem to be what I want.
I found it. BrowserAddPersonEnabled
Paste this:
REG ADD HKLM\SOFTWARE\Policies\Google\Chrome /v BrowserAddPersonEnabled /t REG_DWORD /d 0
in the command prompt (run it as an administrator).
Related
The small company in which I work have 4 desktops, and we have a shared folder. And we have one important access file which keeps updating. And I to set a password to open it or to delete it. Can I do that? if so please help me.
Thanks
This is really a file permissions issue, not an Access issue.
First, right-click on the file and choose Properties. You should be presented with a dialog box with several tabs. One of the tabs will be named Security.
If you do not see a Security tab, you may have to disable simple file sharing. You can read my previous post on how to turn off simple file sharing in order to set permissions on individual files and folders.
Next, click the Advanced button at the bottom of the security tab.
Now uncheck the “Inherit from parent the permission entries that apply to child objects” box.
A new dialog will pop up asking if you want to copy or remove the parent permissions. Go ahead and choose Copy, as this will allow us to work with the current permissions and modify them to our liking. In newer versions of Windows 7, the option has changed to Add.
Now in the Permission Entries list box, you should remove any user or group that you do not want to have access to the file. If you want users to be able to read the file, modify the file, but simply not delete the file, click the user and click on Edit.
On the dialog box that pops up, you can now control each individual permission for that file or folder. This includes Traverse Folder, Create Files, Delete, Read Permissions, Change Permissions, etc.
Note that you can uncheck certain items from the Allow column and it will prevent the user from reading or modifying the file. However, even if you uncheck the Delete permission, the user will still be able to delete the file.
The only way to prevent file deletion is to not give read permissions and explicitly deny Delete permission. That means you can simply uncheck read permissions in the Allow column and check the Deny box for Delete. Unfortunately, once you give read permissions to a file, the user will be able to delete it.
I used to be able to disable windows integrated authentication by updating the settings in IE. Recently this no longer works. Has something changed in recent versions of chrome? Is there a new way to turn this off?
Chrome version 46.0.2490.71
I used to use this setting in IE
Internet Options -> Advanced -> uncheck 'Enable Windows Integrated Authentication'
I got this response from an internal admin and it seems to work.
I think the best we came up with was to create a shortcut to
chrome.exe on your desktop and modify the target of the shortcut to be
something like:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --auth-server-whitelist="_"
Edit: Corrected the path for misplaced backslashes. Note also the (x86), just in case.
Expanding on Daniel Trimble's answer, which worked for me:
I would like to help more people find this useful answer by adding a little more context. What is Integrated Windows Authentication, and why would you want to disable it?
Basically, Integrated Windows Authentication allows a browser such as Chrome to access credentials that are stored on your computer (for example, the password you use to log into your office computer) and use those same credentials to log you into a website (for example, a password-protected portion of your company's website). This occurs behind the scenes, without a visible password prompt.
The problem is that you may not want to be automatically logged into a particular website.
Example: I like to use Chrome as a test browser to see the "public" view of my company's website. Generally I log into our site in Firefox or IE, make changes there, and then view the site in Chrome to make sure my changes were "published" as intended.
Suddenly, one day, I could no longer stay signed out of my company's website in Chrome. Whenever I navigated to a password-protected page, instead of giving me a login prompt, Chrome would automatically sign me in to Microsoft SharePoint (my company's content-management system) and show me the "logged in" version of that page.
If something similar is happening to you, there are other, more obvious things you should try first. Start by clearing your saved passwords (Chrome menu button > Settings > Show advanced settings > Passwords and forms > Manage passwords).
Clearing my saved passwords didn't work for me, so I tried other things: cleared the cache, removed all cookies, reset Chrome's settings, uninstalled and reinstalled Chrome. I even visited a password-protected page in an Incognito window, but Chrome still signed me in automatically.
Finally I found this Stack Overflow page, which solved the problem. (Thank you, Daniel Trimble!) Integrated Windows Authentication was the culprit. IWA used to be turned off by default in Chrome; you had to enable it via a checkbox in your Internet Options (shared with IE). At some point in the recent past, Google apparently decided to enable IWA by default. The unfortunate part is that they did not provide an option under Chrome's Settings panel to disable it. At least there's this workaround!
How to disable Integrated Windows Authentication (IWA) for Chrome via Windows' Control Panel:
(This applies to both Internet Explorer and Chrome since Chrome uses system settings that are managed using Internet Explorer.)
Press Windows' Start button, type "Internet Options" to search, and click the one result, from the control panel
Go to the "Security" tab
Select "Local Intranet" and click on "Custom Level" button
Scroll to the "User Authentication" section at the bottom of the list and select "Prompt for user name and password"
Click Ok, Apply, and Ok to save changes
Close all instances of the IE browser to make the changes effective. Launch the browser again and access the application. A basic authentication challenge will be served.
Source: https://sso.cisco.com/autho/msgs/disable_IWA.htm
I found out we had a windows policy that set the following registry key:
HKEY_CURRENT_USER\Software\Policies\Google\Chrome\AuthServerWhitelist
Deleting this key made Chrome prompt for a username and password for me.
More information about the registry keys.
Great and all the above answers work perfect.!
To add more -- I found that google chrome (version 68.0.3440.106) has the GUI option for Windows integrated authentication, just like in IE, this worked for me :)
goto chrome://settings/
Show advanced settings...
In the "Network" section, click on "Change proxy settings..."
Chrome opens the internet properties window
in the security tab
Select Local Intranet and Click on "Custom Level" button
Scroll to bottom of the window to User Authentication section, select "Prompt for user name and password"
Click Ok, Apply and Ok to save changes.
close existing session and start a new chrome session.
Lets say I have two workspaces and the fist one is active.
If I change workspace ctrl+alt+→ twice, I change to workspace 2 then 1 again.
What I want is to disable that feature. When I am on workspace two, I want it to be blocked to it when moving to the right.
I know it is possible to do it on ubuntu but I did not manage to find the option on xubuntu.
If still needed: open xfce4-settings, go to 'Window Manager Tweaks', switch to 'Workspaces' tab and disable 'Wrap workspaces depending on actual desktop layout' and 'Wrap workspaces when the first or the last workspace is reached' options.
with this method you can work with only one workspace but it will do. Add xfce workspace applet to the panel right click it and add only 1 workspace there or go into xfce4 setting , workspace and add only 1 workspace and you are done
I haven't found anything looking like a good answer to my problem, so I'll articulate my own question:
On a Terminal-/Remote Desktop Server (2012 R2), we have a problem running Chrome where there are multiple sessions for the same user. (e.g. a shared "Front Desk" AD user where 2 or 3 people at work may be logged into 4 or 5 RDP sessions with the same user account)
The first launch of Chrome works fine for whichever session opens it. None of the other sessions can use Chrome, however, at least not until the initially launched program instance is closed.
I found an explanation followed by a very unsexy suggestion in the Chromium forums (https://code.google.com/p/chromium/issues/detail?id=160676), so I'm trying to ask here instead in hope that there is a better and more intuitive solution to the problem.
Thank you!
I've solved by, for each concurrent session needed:
In chrome click on Manage people, then Add person, checking Create a desktop shortcut for this user.
Chrome will create a desktop shortcut with the Target property such as:
"C:\......\chrome.exe" --profile-directory="Profile 1"
Edit the Target property of the created desktop shortcut and add a unique folder value for the --user-data parameter:
"C:\......\chrome.exe" --profile-directory="Profile 1" --user-data-dir="C:\temp\user1"
I don't see your log or any other trace clue.
One of my guess chrome's user data directory was locked by the chrome opened.
You might try open the chrome from cmd with this command:
chrome.exe --user-data-dir="C:\temp\user1"
It is starting chrome with a new user data directory.
Workaround details for this issue are here:
https://code.google.com/p/chromium/issues/detail?id=160676
You may want to uncheck the option that lets Chrome run in the background even if "closed"
Click on the Chrome menu (or press Alt+E) Select Settings Click on the link titled ‘Show advanced settings‘ Under the section headed ‘System‘ untick the box next to “Continue running background apps when Google Chrome is closed”
I have several accounts for a website and currently I want to write an extension that I can open all the accounts simultaneously in chrome, each tab for one account.
So that means I want each tab with a separate cookie system, is it doable? If so please suggest the API I should use, thanks!
Go to Chrome Preferences. There is a Users section where you can add users. Each new user will have its own cookie jar, so you can log in to a site as many different users at once. It makes new chrome windows, but it seems you cannot drag a tab onto a window of another user.
According to Chrome documentation, you can modify HTTP headers (including cookies) in the onBeforeSendHeaders event handler. So, you need to store new cookies for every account by means of the onHeadersReceived event handler, and then substitute them for every tab in outgoing requests.
There even exists an extension which seems doing almost the thing you want - Chrome Cookie Switcher.
Also I have found an answer that may be helpful for your task: Associate a custom user agent to a specific Google Chrome page/tab.
I really don't think Chrome allows extensions to do this. If I recall correctly, extensions can inspect and block requests, but they can't modify them, such as changing cookies on the fly for each tab.
I suggest you use the --user-data-dir command-line option of Chrome. It allows you to keep several separate profiles, each in its own directory, and then you only need to start chrome with the proper option:
# run this command to use the first profile
google-chrome --user-data-dir=/home/binchen/my_chrome_profiles/my_profile_1
# run this command to use the second profile
google-chrome --user-data-dir=/home/binchen/my_chrome_profiles/my_profile_2
...
Each profile will be in its own Chrome window, with its own cookie store, instead of its own tab, but it's easier than writing an extension.
Lastly, if the website you're mentioning is Google, you can keep several Google accounts open at the same time.