You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > 330: Least Privilege Manager > Knowledge Base > 05: Tips and SecureRun (TM): > 07: How do I allow a Chrome extension blocked by SecureRun to be installed?
07: How do I allow a Chrome extension blocked by SecureRun to be installed?
print icon

When SecureRun is enabled, it may block some Chrome Extensions from installing. Two examples of this are Adobe Acrobat and Power Automate Desktop.

The commands that are run to install these extensions are as follows:

C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files (x86)\Power Automate Desktop\PAD.EdgeMessageHost.exe" chrome-extension://njjljiblognghfjfpcdpdbpbfcmhgafg/ --parent-window=0 < \\.\pipe\LOCAL\edge.nativeMessaging.in.8c9048e3136bfe0b > \\.\pipe\LOCAL\edge.nativeMessaging.out.8c9048e3136bfe0b

 

C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe" chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.602ecca2de172262 > \\.\pipe\chrome.nativeMessaging.out.602ecca2de172262

 

To allow the extensions to be installed, create a “New Executable Policy” for each extension that is being blocked. This can be done on either the Computer or User side, depending on who is a member of the OU.

 

Create a Combo Rule

 

Select “Path”, “Command-line arguments” and “Apply to child processes”.

 

Under Path Condition, add file %SYSTEMROOT%\System32\cmd.exe.

 

Under Command-line Arguments, select “Strict equality”; check “Ignore arguments case”; under Arguments, we are going to take the first part of the installation command, after cmd.exe, and replace the last part with asterisks.

/d /c "C:\Program Files (x86)\Power Automate Desktop\PAD.EdgeMessageHost.exe" chrome-extension://*/*

/d /c "C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe" chrome-extension://*/*

 

Set action as “Allow and Log”

 

Rename, set ILT if required and Finish

Feedback
0 out of 0 found this helpful

scroll to top icon