End users must be logged in to Google Chrome, have sync turned on for GPO, and their Gmail account to report emails using the GPAB.
Deploying the Google Phish Alert Button (GPAB) for Chrome through Group Policy
This guide provides instructions on how to deploy the GPAB through Group Policy to Windows machines on your domain. This deployment method is useful if you are force-installing other Chrome extensions through a GPO. If you manage your users' Chrome settings through Google Suite Device Management, you can review our GSuite GPAB deployment method documentation.
When you're ready to install the GPAB for Chrome using Group Policy, follow the steps below.
Section 1: Install Google and Chrome ADMX files
- Go to https://support.google.com/chrome/a/answer/187202.
- Select "Windows and Linux".
- Download the "Zip file of Google Chrome templates and documentation".
Direct Link: https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
- Extract the windows folder within the policy_templates.zip file.
- Browse to windows > admx folder.
- Copy the chrome.admx file, google.admx file, and en-US folder (see image below).
- Add the files to C:\Windows\PolicyDefinitions on a local Domain Controller.
Section 2: Install KnowBe4 GPAB ADMX file
- Download the KnowBe4 GPAB ADMX policy template zip file from this link: KnowBe4 GPAB ADMX.
- Unzip the file, then copy the KB4-GPAB.admx file and en-US folder to C:\Windows\PolicyDefinitions.
Section 3: Create the GPAB Deployment GPO
- Create a new GPO, then navigate to Computer Configuration > Policies > Administrative Templates > Google > Google Chrome > Extensions.
- Select “Configure the list of force-installed apps and extensions”.
Enable the policy, click "Show", then add this value:
The above value = [GPAB Extension ID];[Standard Chrome Web Store "update" URL]. See this link for more info.
Add the below value, then click "OK".
Section 4: Specify Base URL and Phish Alert Key in GPO
- In GPO Editor, navigate to Computer Configuration > Policies > Administrative Templates > KnowBe4 > GPAB.
- Select “Config”.
- Select "Enabled".
- Enter your Phish Alert Key, which can be found in your KnowBe4 Account Settings.
- Select US or EU Server, depending on where you KnowBe4 account is located.
- EU = eu.knowbe4.com
- US = training.knowbe4.com
- Click "Apply".
Visit our User Experience section to see how the GPAB will display and function for your users after installation.