Setting up on-premises sync for Microsoft Edge in an enterprise environment

On-premises sync allows Active Directory (AD) users to roam Microsoft Edge favorites and settings between computers without connecting to Microsoft cloud services. This feature is available in Microsoft Edge version 85 or later.

Introduction

By default, syncing user data in Microsoft Edge requires either a Microsoft Account or an Azure Active Directory (AAD) account and a connection to Microsoft cloud services. On-premises sync allows AD users to sync their Microsoft Edge data by saving it to a local file that can be moved between different computers. This feature can be used in addition to or independently of cloud syncing.

How it works

Microsoft Edge allows profiles to be associated with AD accounts, which cannot be used with cloud sync. When on-premises sync is enabled, the data from the AD profile is saved to a file named profile.pb in the local path %APPDATA%/Microsoft/Edge. This file can then be moved between different computers and the user data will be read and written on each computer. It is the administrator's responsibility to ensure that the file is moved as needed.

Setting up on-premises sync

To set up on-premises sync in Microsoft Edge, follow these steps:

  1. Ensure that your users' machines are domain joined and that they are logged in to Windows as domain users.

  2. Enable the group policy ConfigureOnPremisesAccountAutoSignIn (located in Administrative Templates/Microsoft Edge). Set the value to SignInAndMakeDomainAccountNonRemovable. This will enable Microsoft Edge to automatically sign in users that are on domain-joined machines using their AD accounts.

  3. Enable the group policy RoamingProfileSupportEnabled (located in Administrative Templates/Microsoft Edge). This will make Microsoft Edge write profile data to the local file %APPDATA%/Microsoft/Edge/profile.pb.

  4. (Optional) To change the location of the user data file, enable the group policy RoamingProfileLocation (located in Administrative Templates/Microsoft Edge) and set the roaming profile location to a shared location such as \\dc\edgedata\${user_name}. This will allow the on-premises sync to work when the same domain account is signed in on a different computer.

After completing these steps, the sync status should be On for the AD account in Microsoft Edge.
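The following PowerShell audit of steps 2 to 4 is an added example, not part of the original article or of Microsoft's tooling. It assumes the policies are applied at machine level under HKLM:\SOFTWARE\Policies\Microsoft\Edge and that SignInAndMakeDomainAccountNonRemovable is stored as the DWORD value 1. The check for broadly readable roaming folders is an extra hardening check that the steps above do not cover.

```powershell
# Added example: audit the on-premises sync configuration for the signed-in user.
# Assumption: Edge policies delivered by GPO land under this machine policy key.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
$findings  = [System.Collections.Generic.List[string]]::new()

function Get-EdgePolicy([string]$Name) {
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $policyKey -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

# Step 2. Assumption: SignInAndMakeDomainAccountNonRemovable is stored as DWORD 1.
if ((Get-EdgePolicy 'ConfigureOnPremisesAccountAutoSignIn') -ne 1) {
    $findings.Add('ConfigureOnPremisesAccountAutoSignIn is not SignInAndMakeDomainAccountNonRemovable')
}
# Step 3.
if ((Get-EdgePolicy 'RoamingProfileSupportEnabled') -ne 1) {
    $findings.Add('RoamingProfileSupportEnabled is not enabled')
}
# Step 4 (optional): use the configured location, else the default local path.
$location = Get-EdgePolicy 'RoamingProfileLocation'
if ($location) {
    # Only the ${user_name} variable shown in step 4 is expanded here.
    $location = $location.Replace('${user_name}', $env:USERNAME)
} else {
    $location = Join-Path $env:APPDATA 'Microsoft\Edge'
}

$profileFile = Join-Path $location 'profile.pb'
if (Test-Path -LiteralPath $profileFile) {
    Write-Output "profile.pb found: $profileFile, last written $((Get-Item -LiteralPath $profileFile).LastWriteTime)"
} else {
    $findings.Add("profile.pb not found at $profileFile")
}

# Extra check: flag Allow entries for broad groups on the folder holding profile.pb.
if (Test-Path -LiteralPath $location) {
    $broad = 'Everyone', 'Authenticated Users', 'Domain Users'   # constructed watch list
    foreach ($ace in (Get-Acl -LiteralPath $location).Access) {
        $id = $ace.IdentityReference.Value
        if ($ace.AccessControlType -eq 'Allow' -and ($broad | Where-Object { $id -like "*$_" })) {
            $findings.Add("$location grants $($ace.FileSystemRights) to $id")
        }
    }
}
if ($findings.Count) {
    $findings | ForEach-Object { Write-Warning $_ }
} else { Write-Output 'No deviations from the steps above were found.' }
```

Run it as the domain user after Microsoft Edge has been started once with the policies applied, so that profile.pb has had a chance to be written.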

Changes in the user experience when on-premises sync is enabled

When on-premises sync is enabled, users won't be asked to enable sync and they won't be able to turn off sync or turn on sync types that aren't supported by on-premises sync in the Sync settings.

On-premises sync usage notes

  • On-premises sync does not interfere with cloud sync. If Microsoft Edge has multiple Microsoft Account or Azure AD profiles that sync to the cloud, these profiles will continue to sync while on-premises sync is enabled.
  • It is not recommended to run Microsoft Edge on more than one computer at the same time with on-premises sync enabled. On-premises sync works by moving a user data file between computers, and it does not sync changes between simultaneous sessions. If there are simultaneous on-premises sessions running, data on any of the computers may be unexpectedly overwritten by data from another computer the next time you start a browser session.
  • Other sync policies, such as SyncTypesListDisabled and SyncDisabled, can be used with on-premises sync. However, keep in mind that these policies may affect the data that is synced. For example, if SyncTypesListDisabled is used to disable syncing of favorites, then favorites will not be synced with on-premises sync.
  • On-premises sync does not support syncing extensions or web activity data.

Conclusion

On-premises sync allows AD users to roam their Microsoft Edge data between computers without connecting to Microsoft cloud services. By following the steps in this article, you can set up on-premises sync in your enterprise environment and provide this feature to your users.
