Chrome - Managed by Organization

When trying to watch live TV via my cable provider, their website wanted me to install the Adobe Flash plugin. I tried via Mozilla which was of no use, I then installed Google Chrome and tried to install the Adobe Flash ppapi plugin however it states that “Google Chome is Managed By My Organization” - showing that there are policies set by " *.fedoraproject.org " hence blocking flash from enabling in the browser.

I also see via wireshark that my system is constantly communicating with Fedora (even with all Privacy options off). Also, when trying to uninstall Google Chrome (and adobe flash), dnf states “theres nothing to do”. Can someone shed some light as to what is going on here? It appears to me that Fedora has full control of my system?

Hi @chronicle, welcome to the community! Please have a look at the #start-here posts if you’ve not yet had a chance to do so. They contain useful information on how to get the best ouf of the platform.

The “managed by …” thing seems to come from SSO (single-sign-on). You can read about it here (the last section on Chrome):

I’ll quote the relevant bits here for your convenience:


Special consideration for Google Chrome

In order to enable single sign-on out of the box for Google Chrome, Fedora needed to take advantage of certain features in Chrome that are intended for use in “managed” environments. A managed environment is traditionally a corporate or other organization that sets certain security and/or monitoring requirements on the browser.

Recently, Google Chrome changed its behavior and it now reports “Managed by your organization” under the ⋮ menu in Google Chrome. That link leads to a page that states “If your Chrome browser is managed, your administrator can set up or restrict certain features, install extensions, monitor activity, and control how you use Chrome.” Fedora will never monitor your browser activity or restrict your actions.

Enter chrome://policy in the address bar to see exactly what settings Fedora has enabled in the browser. The AuthNegotiateDelegateWhitelist and AuthServerWhitelist options will be set to *.fedoraproject.org. These are the only changes Fedora makes.


I don’t use Chrome myself, so I’m not entirely sure what the policies etc are. If you have any concernts, please make the the Fedora infrastructure team aware of them by filing an issue here:

https://pagure.io/fedora-infrastructure/issues

5 Likes

If you don’t need this Fedora SSO, you may want to remove /etc/opt/chrome/policies/managed/00_gssapi.json

1 Like

sudo dnf remove fedora-chromium-config

7 Likes

is this solution to remove " [Managed by Organization]" ?

Thanks! That solved the problem.

removing /etc/opt/chrome/policies/managed/00_gssapi.json works only until next OS (Fedora 35) reboot.

1 Like