Restrict the Primary Account in Google Chrome Browser

The first user to sign in to a device in Chrome browser is the primary user. The Google Account that a user chooses when they opt in to sync their data. The primary account syncs browsing data across devices, such as bookmarks, browsing history, passwords, and more.

IT administrators can restrict primary accounts on Chrome for Mac by specifying which Google accounts can be set as the primary accounts, with the help of the following custom payload.

1. Copy the contents directly from below and add it in Custom Settings in the Device Profile or click here to download the file and import it in the Device Profile.
   

   <?xml version="1.0" encoding="UTF-8"?>
   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
   <plist version="1.0">
   <dict>
       <key>PayloadContent</key>
       <array>
           <dict>
               <key>PayloadDisplayName</key>
               <string>Google Chrome</string>
               <key>PayloadIdentifier</key>
               <string>com.google.Chrome.719B98A8-6219-4438-ADAF-C26C8B694FA6</string>
               <key>PayloadType</key>
               <string>com.google.Chrome</string>
               <key>PayloadUUID</key>
               <string>719B98A8-6219-4438-ADAF-C26C8B694FA6</string>
               <key>PayloadVersion</key>
               <integer>1</integer>
               <key>RestrictSigninToPattern</key>
               <string>.*@yourcompany\.com$</string>
               <key>BrowserSignin</key>
               <integer>2</integer>
           </dict>
       </array>
       <key>PayloadDisplayName</key>
       <string>custom-configuration</string>
       <key>PayloadIdentifier</key>
       <string>PAYLOAD IDENTIFIER</string>
       <key>PayloadType</key>
       <string>Configuration</string>
       <key>PayloadUUID</key>
       <string>45A58F11-B3D4-4E9E-AD90-36C3C25A838B</string>
       <key>PayloadVersion</key>
       <integer>1</integer>
   </dict>
   </plist>

2. In the payload, please change the below place holder “yourcompany” with your company's domain.
   

   <key>RestrictSigninToPattern</key>
   <string>.*@yourcompany\.com$</string>

3. Follow our guide on how to add the Custom Payload in the Device Profile & deploy it to devices.

Note:

1. The Payload and its contents are sourced from various albeit authenticated Apple Developer communities and forums.

2. Please validate them on a test machine before deploying them on all your managed devices.

3. Scalefusion has tested these Payloads, however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these payloads.