Why is the Windows browser helper useful?
The browser extension needs to know the identity of the user to tell Trelica which business apps they are accessing.
Trelica has various ways to identify this. At the simplest level, the user can login to Trelica, although other approaches are available (e.g. if they're logged in to the web browser with a work account, or by sending the user a link to click to identify them).
Each of these approaches has downsides, particularly if multiple browsers are being used.
What is the Windows browser helper?
The Windows browser helper is a light-weight (under 200k) executable which uses the Native Messaging browser protocol to communicate with Chrome, Edge and Firefox.
The browser extension tells the browser to load the agent and all communication is through the browser.
Source code is available to customers upon request.
Installing the Browser helper
Go to Admin > Settings > Browser extension
Click to download the Windows browser helper MSI, and you will be shown the msiexec
command used to install it:
- By default
msiexec
will install for the current user. - To deploy to all users on the device append
ALLUSERS=1
to the command. - To deploy to all users AND to install registry settings to force install the extension for Chrome and Edge then append
MSIINSTALLPERUSER=""
to the command, e.g.msiexec /i TrelicaBrowserHelper.msi ORGID=af278...4242 DOMAIN=app.trelica.com MSIINSTALLPERUSER=""
Deployment at scale
We recommend distributing the helper to all users using an end-point management solution like Microsoft Endpoint Manager (formerly known as Intune).
You should also distribute the extensions.
Troubleshooting
The helper identifies the logged in user by the equivalent of the whoami /upn
command. If the user isn't a domain user, then it fallsback to the equivalent of whoami /user
.
If the user isn't logged in using Microsoft Entra ID or Microsoft 365, then the user name may not match a person in Trelica. In this case you may need to map user accounts to Trelica identities. Please contact support@trelica.com for help with this.
The MSI won't deploy correctly
Please run msiexec
using the following parameters to log verbose output to a file:
msiexec /l*v %TEMP%\install.log /i TrelicaBrowserHelper.msi DOMAIN=... ORGID=...
Where is the Browser helper installed?
The helper is installed to a TrelicaBrowserHelper folder in the current user's %LocalAppData%/Programs
folder.
If you used the ALLUSERS=1
switch then it will be installed to C:\Program Files\TrelicaBrowserHelper
Where is the Organization ID and domain stored?
The installer writes the Organization ID and domain to the registry under:
HKEY_CURRENT_USER\SOFTWARE\Trelica\TrelicaBrowserHelper
The helper checks this location when it runs, and if no value is found then the helper also checks the same path under HKEY_LOCAL_MACHINE.
How does a browser know to run the Browser helper?
On Windows, browsers look for a key called com.trelica.browser_helper
in the registry. The parent key depends on the browser:
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\NativeMessagingHosts
HKEY_CURRENT_USER\SOFTWARE\Mozilla\NativeMessagingHosts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\NativeMessagingHosts
The key value contains a path to a JSON manifest file which contains a path attribute which tells the extension where to find the executable.
Comments
0 comments
Please sign in to leave a comment.