IT Path For Extension Deployment Via Chrome on Windows

Last updated:

This article covers the installation process of the Pendo Launcher on a Windows Active Directory Network.


This article assumes you’ve installed the administrative templates for Google Chrome in Active Directory. If you’re unsure how to do this, see Google’s article: Set Chrome Browser policies on managed PCs.

Installation process for domain admins

1. Identify the Google Chrome extension ID of the version of the Pendo Launcher you’re using.

2. Use Active Directory Group Policy Object (GPO) to deploy the Pendo extension.

3. Create a registry key for your extension API key.

4. Set Visitor ID using a PowerShell Logon Script.

5. Verify that policies are correctly configured in Chrome.

Identify the Google Chrome extension ID

In this article, we refer to the Google Chrome extension ID as the extension ID.  

The extension ID for the Pendo Launcher is the same for all customers: epnhoepnmfjdbjjfanpjklemanhkjgil. The extension ID can also be found in the Chrome Web store listing of the Pendo Launcher:

The extension ID will remain the same through major and minor version updates, but there might be other versions of the Pendo Launcher deployed to the Chrome Extension Store intended for use by other organizations.

Use Group Policy to deploy the Pendo extension in Active Directory environments

Deploy the Pendo extension through Active Directory Group Policy Management.

1. Open the run.exe application:

Right-click the Windows icon in the bottom-left corner of the screen, and select Run from the menu.




2. Open the Group Policy Management console.

Enter “GPMC.msc” into the Open field and select OK.




3. Create a new Group Policy Object (GPO). 

Right-click Group Policy Object from the left-side navigation and select New from the menu.




4. Give the new GPO a meaningful name so that you can find it again later, such as "PendoAdoptInstall".

5. Right-click the new empty policy and select Edit.




6. Open the list of force-installed apps and extensions.

Navigate to Policies > Administrative Templates Policy Definitions (ADMX files) retrieved from the central store > Google > Google Chrome > Extensions

Then, open the setting: Configure the list of force-installed apps and extensions.




7. Enable the policy.

Select Show… under Extension/App IDs and update URLs to be silently installed. Then, enter the extension ID, concatenated with a semicolon, and the URL to update the extension. The URL is typically, unless you’re explicitly given a different URL.

8. Select OK and then Apply.

You now have a policy that will force install the Pendo extension to all machines in your domain.



Create a registry key for your extension API key

Create a registry key to automatically apply your API key to the registry of all machines in your network.

First, find your Pendo extension API key in your Pendo Subscription under Settings > Subscription Settings > Extension Apps.




Then, in the GPO created as part of the instructions under Use Group Policy to deploy the Pendo extension on Active Directory environments, above:

1.  Navigate to Computer Configuration > Preferences > Windows Settings > Registry.

2. Select New > Registry Item from the menu.




3.  In the New Registry Policies window:

    • Set the Hive to HKEY_LOCAL_MACHINE.
    • Set the Key Path to: SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\epnhoepnmfjdbjjfanpjklemanhkjgil\policy.
    • Set the Value name to APIKey.
    • Set the Value data to your Pendo extension (subscription) API key.



Set the Visitor ID using PowerShell

Set the user’s Visitor ID and metadata using a PowerShell Logon Script.

1. Create a new PowerShell script named “PendoUserInstall.ps1” with the following contents.


$visitorId = $env:username + ""
$visitorJson= "{ `"id`": `"$($visitorId)`" }"
if(!(Test-Path "C:\temp")) {
New-Item "C:\" -Name "temp" -ItemType "directory" -ErrorAction SilentlyContinue
New-Item "C:\temp\PendoMetadata.txt"
Set-Content -Path "C:\temp\PendoMetadata.txt" -Value $visitorJson


2. Save the PowerShell script to the NETLOGON folder in your domain’s shared Network folder with the following Permissions for Authentication Users: Read and Read & Execute.




3. Create another PowerShell script named “PendoAdminInstall.ps1” with the following contents, and also save it to the NETLOGON folder in your domain’s shared Network folder, with the same Read and Read & Execute permissions.

This script adds a registry value based on the file that the user account created. We don’t have access to that data when executing as Administrator.


# Wait for metadata file
while (!(Test-Path"C:\temp\PendoMetadata.txt")) { Start-Sleep10 }

# Add metadata to registry
$visitorJson = Get-Content -Path "C:\temp\PendoMetadata.txt"
$registryPath = "HKLM:\Software\Policies\Google\Chrome\3rdparty\extensions\epnhoepnmfjdbjjfanpjklemanhkjgil\policy"
New-ItemProperty -Path $registryPath -Name "visitor" -Value $visitorJson -Type ExpandString

# Cleanup
Remove-Item -Path "C:\temp\PendoMetadata.txt"
Remove-Item -Path "C:\temp"


4. Navigate back to the GPO that you created. 

5. Go to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff) and select Logon.




6. Add a new script named “powershell.exe” with the parameters of -nonInteractive -executionPolicy Bypass -file \\YOURSHARE\NETLOGON\PendoUserInstall.ps1”.

7. Select OK and then Apply.

8. Close the Logon Properties window.




9. Add and run the admin script. 

Since this script is run by the system administrator, it's run on startup. To do this, go to Computer Configuration > Policies > Windows Settings > Scripts (Startup/Shutdown) and select Startup.

10. Repeat steps 4 to 9 for "PendoAdminInstall.ps1".



Add the new GPO to your Network

Apply the newly created policy to your network.

1. Navigate back to the Group Policy Management console.

2. Right-click on your domain.

3. Select Link an Existing GPO…




4. In the dialog box that opens, find and select the GPO that you’ve been modifying under Group Policy objects, and then select OK.

Your GPO will populate over your domain within the next 10 minutes. Alternatively, you can force a policy update on your network.



Verify that the Policies are correctly configured

Log in to a machine with your policy applied and run the following command in PowerShell:
gpresult /r.

 This command returns something similar to the following:




In the example, above, the policy is named PendoAdoptInstall, and the install was a success. 

You can also check that the extension was forcibly applied in the Chrome Browser through the Extensions icon or URL chrome://extensions for a user's computer.

Verify that the Pendo extension is collecting data

The color of the Pendo Launcher icon in the Browser header indicates whether the extension is actively collecting data.

If the Pendo Launcher icon is pink, it’s active and collecting data. If the Pendo Launcher icon is grey, it’s inactive and isn’t collecting data.




To verify that the metadata is being correctly injected into the agent, right-click the Pendo Launcher extension icon and select Show Debug Info.




If the Pendo Launcher is collecting information properly, it includes a message that states: "The Pendo Launcher is collecting data on this page." This means that your Pendo Launcher is configured to collect information on the current Web page.




If the Pendo Launcher isn’t collecting information on the page, the message states: “The Pendo Launcher is NOT collecting information on this page.”




To validate that the IDs and metadata are correctly configured:

1. Confirm that the visitorString is globally unique and correctly identifies the current user of the computer.

2. Select Show Configuration Info to expand the settings configured within the extension.

3. Select Re-fetch extension settings to ensure the extension has the latest settings.

4. Review the IT-Managed Config section to ensure that the data aligns with the expected deployment configuration.



Frequently Asked Questions

Why do universally unique IDs matter?

These IDs identify each Visitor and Account. If any of Visitor and Account IDs are duplicated, multiple users’ data can be aggregated under a single ID.

Why does metadata matter?

Metadata allows you to create powerful Segments that yield rich insights and personalize Guides. You can segment Visitors based on any metadata that is passed to Pendo. 

How often is the extension updated?

Chrome and Edge automatically check for extension updates. For example, Chrome checks every 12 hours. Chrome and Edge can also be configured to automatically update extensions when a newer version is available.

Pendo updates and maintains the Pendo Browser extension, including regular agent updates and feature enhancements. Updates to the extension are submitted to the corresponding Browser owners (such as the Chrome Web Store) where they go through a security audit before being published. 

For more information, see Visitor and Account Metadata.