This article covers the installation process of the Pendo Launcher on a Windows Active Directory (AD) Network for the Microsoft Edge Browser.
Prerequisites
This article assumes you have already installed the administrative templates for Microsoft Edge in Active Directory. You can find Microsoft Edge’s administrative templates on their website: Download and configure Microspft Edge for Business.
For documentation on how to install the administrative templates, see How to create and manage the Central Store for Group Policy Administrative Templates in Windows. For an interactive walkthrough on deploying Edge, see Microsoft’s article: Deploy and configure Microsoft Edge.
Installation process for domain admins
1. Identify the Microsoft Edge extension ID of the version of the Pendo Launcher you're using
2. Use Active Directory (AD) Group Policy Object (GPO) to deploy the Pendo extension.
3. Create a registry key for your extension API key.
4. Set Visitor ID using a PowerShell Login Script.
5. Verify that policies are correctly configured in Edge
Identify the Microsoft Edge extension ID
In this article, we refer to the Microsoft Edge extension ID as the extension ID.
The extension ID for the Pendo Launcher is the same for all customers: lgpofjmgggolmabddgdmbgipcnblpnbm. The extension ID can also be found in the Microsoft Edge Add-Ons listing of the Pendo Launcher: https://microsoftedge.microsoft.com/addons/detail/pendo-launcher/lgpofjmgggolmabddgdmbgipcnblpnbm
The extension ID will remain the same through major and minor version updates, but there might be other versions of the Pendo Launcher deployed to the Microsoft Edge Add-Ons listing intended for use by other organizations. You can check this value by navigating to edge://extensions in Edge.
Use Group Policy to deploy the Pendo extension in Active Directory environments
Deploy the Pendo extension through AD Group Policy Management.
1. Open the run.exe application.
Right-click the Windows icon in the bottom-left corner of the screen, and select Run from the menu.
2. Open the Group Policy Management console
Enter “GPMC.msc” into the Open field and select OK.
3. Create a new Group Policy Object (GPO).
Right-click Group Policy Object from the left-side navigation and select New from the menu.
4. Give the new GPO a meaningful name so that you can find it again later, such as "PendoAdoptInstall".
5. Right-click the new empty policy and select Edit.
6. Open the list of force-installed apps and extensions.
Navigate to Policies > Administrative Templates Policy Definitions (ADMX files) retrieved from the central store > Microsoft Edge > Extensions.
Then, open the setting: Control which extensions are installed silently.
7. Enable the policy.
Select Show… under Extension/App IDs and update URLs to be silently installed. Then, enter the extension ID, concatenated with a semicolon, and the URL to update the extension. The URL is typically lgpofjmgggolmabddgdmbgipcnblpnbm;https://edge.microsoft.com/extensionwebstorebase/v1/crx, unless you’re explicitly given a different URL.
8. Select OK and then Apply.
You now have a policy that will force install the Pendo extension to all machines in your domain.
Create a registry key for your extension API key
Create a registry key to automatically apply your API key to the registry of all machines in your network.
First, find your Pendo extension API key in your Pendo Subscription under Settings > Subscription Settings > Extension Apps.
Then, in the GPO created as part of the instructions under Use Group Policy to deploy the Pendo extension on Active Director environments, above:
1. Navigate to Computer Configuration > Preferences > Windows Settings > Registry.
2. Select New > Registry Item from the menu.
3. In the New Registry Policies window:
-
- Set the Hive to HKEY_LOCAL_MACHINE.
- Set the Key Path to: SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\lgpofjmgggolmabddgdmbgipcnblpnbm\policy.
- Set the Value name to APIKey.
- Set the Value data to your Pendo extension (subscription) API key.
Set the Visitor ID using a PowerShell Logon Script
Set the user’s Visitor ID and metadata using a PowerShell Logon Script.
1. Create a new PowerShell script named “PendoUserInstall.ps1” with the following contents.
$visitorId = $env:username + "@yourdomain.com"
$visitorJson= "{ `"id`": `"$($visitorId)`" }"
if(!(Test-Path "C:\temp")) {
New-Item "C:\" -Name "temp" -ItemType "directory" -ErrorAction SilentlyContinue
}
New-Item "C:\temp\PendoMetadata.txt"
Set-Content -Path "C:\temp\PendoMetadata.txt" -Value $visitorJson
2. Save the PowerShell script to the NETLOGON folder in your domain’s shared Network folder with the following Permissions for Authentication Users: Read and Read & Execute.
3. Create another PowerShell script named “PendoAdminInstall.ps1” with the following contents, and also save it to the NETLOGON folder in your domain’s shared Network folder, with the same Read and Read & Execute permissions.
This script adds a registry value based on the file that the user account created. We don’t have access to that data when executing as Administrator.
# Wait for metadata file
while (!(Test-Path"C:\temp\PendoMetadata.txt")) { Start-Sleep10 }
# Add metadata to registry
$visitorJson = Get-Content -Path "C:\temp\PendoMetadata.txt"
$registryPath = "HKLM:\Software\Policies\Microsoft\Edge\3rdparty\extensions\lgpofjmgggolmabddgdmbgipcnblpnbm\policy"
New-ItemProperty -Path $registryPath -Name "visitor" -Value $visitorJson -Type ExpandString
# Cleanup
Remove-Item -Path "C:\temp\PendoMetadata.txt"
Remove-Item -Path "C:\temp"
4. Navigate back to the GPO that you created.
5. Go to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff) and select Logon.
6. Add a new script named “powershell.exe” with the parameters of -nonInteractive -executionPolicy Bypass -file \\YOURSHARE\NETLOGON\PendoUserInstall.ps1”.
7. Select OK and then Apply.
8. Close the Logon Properties window.
9. Add and run the admin script.
Since this script is run by the system administrator, it's run on startup. To do this, go to Computer Configuration > Policies > Windows Settings > Scripts (Startup/Shutdown) and select Startup.
10. Repeat steps 4 to 9 for "PendoAdminInstall.ps1".
Add the new GPO to your Network
Apply the newly created policy to your network.
1. Navigate back to the Group Policy Management console.
2. Right-click on your domain.
3. Select Link an Existing GPO…
4. In the dialog box that opens, find and select the GPO that you’ve been modifying under Group Policy objects, and then select OK.
Your GPO will populate over your domain within the next 10 minutes. Alternatively, you can force a policy update on your network.
Verify that the policies are correctly configured
Log in to a machine with your policy applied and run the following command in PowerShell:gpresult /r.
This command returns something similar to the following. In the example, below, the policy is named PendoAdoptInstall, and the install was a success.
Verify that the Pendo extension is collecting data
The color of the Pendo Launcher icon in the Browser header indicates whether the extension is actively collecting data.
If the Pendo Launcher icon is pink, it’s active and collecting data. If the Pendo Launcher icon is grey, it’s inactive and isn’t collecting data.
To verify that the metadata is being correctly injected into the agent, right-click the Pendo Launcher extension icon and select Show Debug Info.
If the Pendo Launcher is collecting information properly, it includes a message that states: "The Pendo Launcher is collecting data on this page." This means that your Pendo Launcher is configured to collect information on the current Web page.
If the Pendo Launcher isn’t collecting information on the page, the message states: “The Pendo Launcher is NOT collecting information on this page.”
To validate that the IDs and metadata are correctly configured:
1. Confirm that the visitorString is globally unique and correctly identifies the current user of the computer.
2. Select Show Configuration Info to expand the settings configured within the extension.
3. Select Re-fetch extension settings to ensure the extension has the latest settings.
4. Review the IT-Managed Config section to ensure that the data aligns with the expected deployment configuration.
Frequently Asked Questions
Why do universally unique IDs matter?
These IDs identify each Visitor and Account. If any of Visitor and Account IDs are duplicated, multiple users’ data can be aggregated under a single ID.
Why does metadata matter?
Metadata allows you to create powerful Segments that yield rich insights and personalize Guides. You can segment Visitors based on any metadata that is passed to Pendo.
How often is the extension updated?
Chrome and Edge automatically check for extension updates. For example, Chrome checks every 12 hours. Chrome and Edge can also be configured to automatically update extensions when a newer version is available.
Pendo updates and maintains the Pendo Browser extension, including regular agent updates and feature enhancements. Updates to the extension are submitted to the corresponding Browser owners (such as the Chrome Web Store) where they go through a security audit before being published.
For more information, see Visitor and Account Metadata.