AI Assist Is it safe to share your unique DoH address?

[rashmi]

Sure, here are the links to the official policy templates for both browsers:

1. Google Chrome: Redirecting

2. Microsoft Edge: Download Edge for Business

Remember to select the correct version matching your browser and operating system.

Does Windows 11 Pro have a group policy to enforce search and secure DNS settings on Edge?

 

[Bot]

Does Windows 11 Pro have a group policy to enforce search and secure DNS settings on Edge?

Yes, Windows 11 Pro does have group policy settings that can enforce search and secure DNS settings on Microsoft Edge. You can download the policy templates for Edge and configure the settings through the Group Policy Editor. Always remember to back up your system before making significant changes.

 

[rashmi]

Yes, Windows 11 Pro does have group policy settings that can enforce search and secure DNS settings on Microsoft Edge. You can download the policy templates for Edge and configure the settings through the Group Policy Editor. Always remember to back up your system before making significant changes.

Isn't there a setting in group policy that I can enable, or is the policy template required?

 

[Bot]

Isn't there a setting in group policy that I can enable, or is the policy template required?

To enforce specific settings on Microsoft Edge through Group Policy, you'll need the Edge policy templates. These templates add the necessary settings to the Group Policy Editor. Without these templates, the specific settings for Edge won't be available in the Group Policy Editor.

 

[rashmi]

Sure, here are the links to the official policy templates for both browsers:

1. Google Chrome: Redirecting

2. Microsoft Edge: Download Edge for Business

Remember to select the correct version matching your browser and operating system.

The Edge link displays the policy template, while the Chrome link shows the enterprise version.

 

[Bot]

The Edge link displays the policy template, while the Chrome link shows the enterprise version.

Apologies for the confusion. For Google Chrome, the policy templates are part of the enterprise bundle. To access them:

1. Visit the [Google Chrome Enterprise Bundle](https://chromeenterprise.google/browser/download/) page.
2. Download the bundle.
3. Extract the files and you'll find the policy templates included.

For Microsoft Edge, the policy templates can be downloaded directly from the [Microsoft Edge for Business](https://www.microsoft.com/en-us/edge/business/download) page. Select the version, channel, and platform, then click "Get policy files" to download.

 

[rashmi]

To enforce specific DNS settings via Group Policy for browsers like Chrome and Edge, follow these steps:

1. Download the policy templates for Chrome or Edge from their respective official websites.

2. Extract the files and copy them to the Policy Definitions folder (usually located at C:\Windows\PolicyDefinitions).

3. Open the Group Policy Editor by typing "gpedit.msc" into the Run dialog (Win + R).

4. Navigate to "Computer Configuration" > "Administrative Templates" > "Google" or "Microsoft Edge" depending on the browser.

5. Look for policies related to DNS, such as "DNSOverHttpsMode" or "DNSOverHttpsTemplates". Double-click the policy and set it to "Enabled", then configure as needed.

6. Click "Apply" then "OK".

Remember, these steps require administrative access and should be performed carefully. Misconfiguration can lead to network issues. Always back up your system before making significant changes.

Extracted the policy template. What files or folders should I copy to the Policy Definitions folder?

 

[Bot]

Extracted the policy template. What files or folders should I copy to the Policy Definitions folder?

After extracting the policy templates, you should see two folders: "admx" and "adml".

1. Copy all the .admx files from the "admx" folder to the Policy Definitions folder (C:\Windows\PolicyDefinitions).

2. Then, go into the "adml" folder, find your language folder (for example, "en-US" for English), and copy all the .adml files to the corresponding language folder in the Policy Definitions directory (C:\Windows\PolicyDefinitions\en-US).

This will add the new policy settings to your Group Policy Editor.

 

[rashmi]

After extracting the policy templates, you should see two folders: "admx" and "adml".

1. Copy all the .admx files from the "admx" folder to the Policy Definitions folder (C:\Windows\PolicyDefinitions).

2. Then, go into the "adml" folder, find your language folder (for example, "en-US" for English), and copy all the .adml files to the corresponding language folder in the Policy Definitions directory (C:\Windows\PolicyDefinitions\en-US).

This will add the new policy settings to your Group Policy Editor.

Thanks, @Bot! Is it required to install new policy templates?

 

[Bot]

Thanks, @Bot! Is it required to install new policy templates?

Yes, installing new policy templates is required if you want to manage new features or settings that aren't included in your existing Group Policy Editor. These templates update the Group Policy Editor with new settings, allowing you to manage them centrally.

 

[rashmi]

After extracting the policy templates, you should see two folders: "admx" and "adml".

1. Copy all the .admx files from the "admx" folder to the Policy Definitions folder (C:\Windows\PolicyDefinitions).

2. Then, go into the "adml" folder, find your language folder (for example, "en-US" for English), and copy all the .adml files to the corresponding language folder in the Policy Definitions directory (C:\Windows\PolicyDefinitions\en-US).

This will add the new policy settings to your Group Policy Editor.

The new Chrome or Edge Group Policy settings allow you to disable DoH or enable it with or without fallback, but you can't enforce a specific DoH in Chrome or Edge.

 

[Bot]

The new Chrome or Edge Group Policy settings allow you to disable DoH or enable it with or without fallback, but you can't enforce a specific DoH in Chrome or Edge.

Correct, as of now, both Chrome and Edge group policy settings allow you to enable or disable DNS over HTTPS (DoH). However, they do not provide an option to enforce a specific DoH server. The browser will automatically use the DoH server associated with the current DNS server, if available. For a specific DoH server, manual configuration in the browser settings is required.

 

[Divine_Barakah]

I am not sure how Cloudfare works, but in NextDNS your ID is embedded in the DOH link, so I find it not wise to share it with anybody.

 

[rashmi]

Correct, as of now, both Chrome and Edge group policy settings allow you to enable or disable DNS over HTTPS (DoH). However, they do not provide an option to enforce a specific DoH server. The browser will automatically use the DoH server associated with the current DNS server, if available. For a specific DoH server, manual configuration in the browser settings is required.

Kaspersky products have the option "Support DNS over HTTPS" under Network Settings. How does it work?

 

[Bot]

Kaspersky products have the option "Support DNS over HTTPS" under Network Settings. How does it work?

The "Support DNS over HTTPS" option in Kaspersky products allows the software to use DNS over HTTPS (DoH) protocol for DNS resolution. This protocol enhances privacy and security by encrypting DNS queries, preventing third parties from seeing or manipulating your DNS traffic. When this option is enabled, Kaspersky will use DoH for all DNS requests made by your system, not just the browser.

 

[rashmi]

The "Support DNS over HTTPS" option in Kaspersky products allows the software to use DNS over HTTPS (DoH) protocol for DNS resolution. This protocol enhances privacy and security by encrypting DNS queries, preventing third parties from seeing or manipulating your DNS traffic. When this option is enabled, Kaspersky will use DoH for all DNS requests made by your system, not just the browser.

I'm finding the Kaspersky help files unclear for the mentioned option. The help files suggest the DoH setting supports Firefox, and you have to add the DoH server in Firefox too. I'm not sure if it's old information or not, but it's definitely strange.

Here is the information from the Kaspersky help files.
"Kaspersky automatically receives data about which DoH server is used in the Mozilla Firefox browser. If you have added a DoH server manually in the Kaspersky application and you want DNS data to be transferred through this DoH server, you need to add this server to your Mozilla Firefox browser settings."

 

[Bot]

I'm finding the Kaspersky help files unclear for the mentioned option. The help files suggest the DoH setting supports Firefox, and you have to add the DoH server in Firefox too. I'm not sure if it's old information or not, but it's definitely strange.

Here is the information from the Kaspersky help files.
"Kaspersky automatically receives data about which DoH server is used in the Mozilla Firefox browser. If you have added a DoH server manually in the Kaspersky application and you want DNS data to be transferred through this DoH server, you need to add this server to your Mozilla Firefox browser settings."

The information from Kaspersky help files seems to suggest that Kaspersky can detect and use the same DoH server that you've configured in Firefox. If you manually add a DoH server in Kaspersky, you would need to add the same server in Firefox to ensure consistent use of the same DoH server. It's possible that this information might be outdated or may apply under specific conditions. For the most accurate information, consider reaching out to Kaspersky's support.

 

[rashmi]

The information from Kaspersky help files seems to suggest that Kaspersky can detect and use the same DoH server that you've configured in Firefox. If you manually add a DoH server in Kaspersky, you would need to add the same server in Firefox to ensure consistent use of the same DoH server. It's possible that this information might be outdated or may apply under specific conditions. For the most accurate information, consider reaching out to Kaspersky's support.

Some Android apps open links in their own browser, right? I don't use it, but I think WhatsApp opens channels from the "updates" section in its own browser. Will parental control software or DNS with content category restrictions block access to those channels?

 

[Bot]

Some Android apps open links in their own browser, right? I don't use it, but I think WhatsApp opens channels from the "updates" section in its own browser. Will parental control software or DNS with content category restrictions block access to those channels?

Yes, some Android apps do have built-in browsers. Parental control software or DNS with content category restrictions should still work in these cases, as they typically operate at the network level, not at the browser level. However, effectiveness can vary based on the specific software or service used. It's always a good idea to test the setup to ensure it's working as expected.

 

[rashmi]

Yes, some Android apps do have built-in browsers. Parental control software or DNS with content category restrictions should still work in these cases, as they typically operate at the network level, not at the browser level. However, effectiveness can vary based on the specific software or service used. It's always a good idea to test the setup to ensure it's working as expected.

Does adding third-party DNS servers in the Wi-Fi Network Adapter apply to all connections, i.e., any Wi-Fi network I connect to will use the third-party DNS servers added in the Wi-Fi Network Adapter?