Solved

Can you block users from logging into their GMail Accounts in Chrome?

Posted on 2013-01-21
22
467 Views
Last Modified: 2014-11-12
We're looking at installing Google Chrome to our RDS Servers as some website developers only support Chrome.  During my investigation I've found the instructions to allow me to install it for all users on a device.  But I'm left wondering about the link to gmail accounts.

As we're in a business environment we don't want staff innocently logging in to Chrome with their personal gmail accounts, as this will then draw all of their personal browsing history & settings into their working environment.  Conversely we don't want their work browsing history going home with them!

Is there a way to block people from logging into Chrome?  We could tell them now not to use their personal gmail, but some still innocently do it (or not so innocently).
0
Comment
Question by:bosshognz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 6
  • 5
22 Comments
 
LVL 16

Expert Comment

by:choward16980
ID: 38803406
OPen chrome

go here:  (paste in your address bar of chrome)
chrome://settings/content

click manage exceptions.

block cookies from *.google.com


I think this works...  Let me know.
0
 

Author Comment

by:bosshognz
ID: 38803416
I just tried that on my own Chrome - no it doesn't work.
0
 
LVL 2

Expert Comment

by:alphaphaedrus
ID: 38803450
You can create a group policy to clear browsing history upon logoff.
I found that option to enable clearing on exit just not the option on what I want it to clear on exit (this is all in group policy).
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:bosshognz
ID: 38803462
At what point does it send history to the cloud account?  Is it when you close the browser ..... or when you send the request to go to a new page?
0
 
LVL 2

Expert Comment

by:alphaphaedrus
ID: 38803477
The history is stored locally, the only cloud materials are downloaded apps, groups, and google+
0
 

Author Comment

by:bosshognz
ID: 38803615
History is also stored in the cloud.  My google right now shows me my History from last night's browsing on my Mac at home.
0
 

Author Comment

by:bosshognz
ID: 38803618
Sorry, my google Chrome right now shows me that.
0
 
LVL 2

Expert Comment

by:alphaphaedrus
ID: 38803629
I also found this tip:
just go to  C:\Users\User Name\AppData\Local\Google\Chrome\User Data\Default\

find the file named History and make it read only
0
 

Author Comment

by:bosshognz
ID: 38803637
Going to be very hard to roll that out for all users on an RDS server.  And the issue still exists that if they sign into Chrome on the work computer, they see their Personal profile.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38812090
http://www.latesttricks.org/2011/02/disable-auto-sign-in-gmail-on-google.html

Going through all the Google groups and dev Q&A, I notice one commonality with the answer to this question.  No one knows and Google's devs are not answering.  I'm assuming this is how google chrome remains free, by invading your privacy and tracking everything about you.


I did find two interesting settings in the preferences file for the user which could be rolled out globablly:

C:\User\%username%\AppData\Local\Google\Chrome\User Data\Default\preferences.

-----------------------
   "autofill": {
      "enabled": false,
      "negative_upload_rate": 1.0,
      "positive_upload_rate": 1.0
-----------------------------

and

---------------------------------

   },
   "reverse_autologin": {
      "enabled": false

-----------------------------------

Hope those point you in the right direction
0
 

Author Comment

by:bosshognz
ID: 38812741
I had a look, but people still have the sign in options, and it still tells them they're missing out.  I don't know what it does, but I was able to log in.  Closed Chrome, reopened and I was still logged in. :(
0
 
LVL 2

Accepted Solution

by:
alphaphaedrus earned 250 total points
ID: 38814713
Do you have a webfilter hardware and policy in place?
0
 

Author Comment

by:bosshognz
ID: 38824768
Web filter hardware no, but we have software based yes.  And there is a policy whereby staff acknowledge they are not to use non-work related sites during work time.... but if you log into chrome outside of work hours, you're then logged in until you disconnect your account.

For the web filtering software, yes we can block staff from accessing certain websites, but how do you block them logging into google but still allow them access to google?
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38827460
I figured it out!

Just poison accounts.google.com on your internal DNS servers with 127.0.0.1 or in my case, a "I TOLD YOU NOT TO LOG INTO YOUR GOOGLE ACCOUNT!!!  ACTIVITY HAS BEEN LOGGED!" web page.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38827969
My bad if you read this earlier, I posted one of my internal domains....  I've corrected in the post above.
0
 
LVL 2

Expert Comment

by:alphaphaedrus
ID: 38827981
nice! good old loopback special
0
 

Author Comment

by:bosshognz
ID: 38829120
hmmmm not such a bad idea.....I've blocked accounts.google.com and that works well if they're not already logged in.  Some will be though, and that will cause a headache as they can't sign out when its blocked!
0
 

Author Comment

by:bosshognz
ID: 38829124
I've also blocked plus.google.com - which comes up if they click on their profile in IE.
0
 
LVL 16

Assisted Solution

by:choward16980
choward16980 earned 250 total points
ID: 38829135
Isn't there a way to blow away their chrome profile via login script?
0
 

Author Comment

by:bosshognz
ID: 38882748
No idea.  Is there?
0
 

Author Closing Comment

by:bosshognz
ID: 38899812
Unfortunately I've not been able to solve this, so have decided to close the question and offer
'effort' points to the 2 contributors.  
I think the answer here is: no, there is no way to stop users from logging into Google on Chrome.  We will approach our 3rd party software vendors RE our concerns, and review again in 6 months time.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The choice of selecting a perfect productive suite for one’s organization is a critical decision that an IT Manager or a CIO has to make. And when it comes to choosing a cloud-based productivity suite, the choice gets all the more difficult. This is…
#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
This Micro Tutorial will demonstrate common damaging and frequent mistakes I see in most analytic audits. Most of them are campaign tagging mistakes, so this video will break it down into simple steps.
In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question