Jump to content

Password Reset Portal - Windows Credential Provider and Microsoft Edge


Recommended Posts

Internet Explorer 11 is end of life on June 15, 2022. Our site has already migrated user base to Edge and redirect via GPO IE requests to Edge whilst enabling IE11 mode for backwards capability. Most product works in this configuration. However, when using the ClickStudios "Windows Credential Provider"; and with group policy configured to redirect IE to Edge we receive the prompt 'This action is restricted. For more information, please contact your system administrator'. 

 

I understand with testing so far, Edge will not launch from the login screen, whereas Chrome does and various tickets have been raised with development environments, as to why Edge will not launch. 

This is a request to support Microsoft Edge when using the Windows Credential Provider.

Thanks 🙂
Richard


 

Link to comment
Share on other sites

Hello Richard,

 

Yes, you are correct with your feedback above - it does not look like Microsofr Edge supports launching from the Windows Login screen. We've been testing this, and we can launch just about anything here i.e. Chrome, Notepad, etc, but Edge will simply not launch.

We've still have no had any responses to our developer support tickets either.

As soon as Microsoft support this, then we can support it in our Credential Provider as well.

Regards

Click Studios

Link to comment
Share on other sites

  • 3 months later...

Have there been any updates on a solution for this? We were testing adding the Reset Portal functionality, but will likely need to disable access to IE 11 in our environment, and I see now that with IE 11 disabled via Group Policy the credential provider link does not work.

Link to comment
Share on other sites

Hello,

 

We will check again whether Microsoft support this yet in Edge - they did not back in March.

If they still do not support it, are you able to use Chrome instead - we could release a new build of the Credential Provider if you're able to do this.

Regards

Click Studios

Link to comment
Share on other sites

  • 3 weeks later...

Hi, I was wondering if there had been any movement on this now that IE is officially end of support. I don't know about others, but my org could use Chrome, so if there is a way to use Chrome that might be an option. However, Edge would be more ideal since it is the official Microsoft option and is part of Windows.

 

IE is showing up in our vulnerability scans now so we would like to disable it but have also just started testing the Reset Portal in our environment and this throws a huge wrench into the works.

 

Link to comment
Share on other sites

Hello Damcoole,

 

We did some more testing last week, and unfortunately Edge is still not supported for this sort of thing. But in the next release, we will be releasing a Chrome version - this release should be due in about 2 weeks time.

Regards

Click Studios

Link to comment
Share on other sites

Thanks for the response. Will be looking forward to this update. I assume the functionality will be the same? Full kiosk mode and the user has no option of using the window for anything else?
In the meantime we will continue testing with the current version.

Link to comment
Share on other sites

  • 1 month later...

Jello Damcoole,

 

Unfortunately, Edge does still not support launching from the Login screen on Windows. Once Microsoft support this, then we will update our Windows Credential Provider to use it.

 

With our testing with Chrome, unfortunately the Kiosk mode in Chrome is not sufficient in preventing the user from opening new tabs in chrome, and browsing to whatever web site they wish. For security reasons, this is not ideal when no user is authenticated on the PC.

So when either Edge or Chrome support a proper Kiosk mode, launched from the Windows login screen, then we will support them in our Windows Credential provider.

Regards

Click Studios

Link to comment
Share on other sites

Ah, that's very sad news. Does this mean for the time being you will not be pursuing any further options, and instead be waiting for Google or Microsoft to add features at some point in the future? In our environment, having the Windows Credential provider is the only option that makes the Reset Portal viable for us. If you are waiting for them to add more lockdown features to their kiosk modes, have you been in contact with them to make this happen?

 

Thanks,
Damien Cooley

Link to comment
Share on other sites

Hi Damien,

 

Yes, we logged a technical support call with Microsoft about 12 months ago regarding Edge, and they will not respond. Have you considered using your Mobile Phones for access to the Portal - a lot of our customers do this?

 

And yes, until the browser vendors provide a better solution for this, we will need to wait. We've even seen a new market for Kiosk keyboards, which have certain keys removed, preventing users from launching new tabs. This is obviously a market that has popped up, due to the features lacking in Kiosk mode in modern browsers.

Regards

Click Studios

Link to comment
Share on other sites

Unfortunately all of our systems are in an environment where mobile is not an option, the systems reside on a closed network and cannot have access to the internet, it is totally isolated, so we need something that can be independent of standard methods that rely on internet access.

 

I realize most of your customers have access to always on internet access for their systems, but if you could keep companies like us with totally isolated disconnected networks in mind when working on features, I would greatly appreciate it.


Thanks!

Link to comment
Share on other sites

Hi Damien,

 

You don't need internet access, you just need Wifi access to your local network - but fully understand you may not be able to offer that to your users as well.

 

We always consider customers with disconnected networks like yourself, as we have many defence customers. But as you can appreciate in this instance, it is the browser vendors at fault here.

Regards

Click Studios

Link to comment
Share on other sites

Ah, gotcha. But yes, we are unable to use Wifi as well. Definitely hoping it gets sorted somehow, as the Reset Portal is a beautiful thing when paired with Windows Credential Provider. It saddens me that we just discovered this capability just as IE reached end of support. Anyway, thanks and I will keep my fingers crossed on a future fix for this.

Link to comment
Share on other sites

  • 1 year later...

It's vital for the Windows Credential Provider to be compatible with the new go-to browser—Microsoft Edge—especially as more enterprises transition away from IE11. Good on you for doing the testing and discovering this gap. Given that this thread is a year old, it would be beneficial to get an update on the status of this feature request.


On a related note, if anyone is experiencing compatibility issues and is considering upgrading their Windows version to resolve them, there are affordable Windows 10 product keys available on Reddit, particularly in the subreddit windows 10 product key reddit. Upgrading might offer a smoother experience with newer browsers and credential providers.

Link to comment
Share on other sites

×
×
  • Create New...