Installing Okta browser plugin 5.x with Internet Explorer
Microsoft Internet Explorer (IE) 9 and 10 have additional security features which may require extra consideration when you are using the Okta IE 5.x plugin. This document provides information including: installation options, silent mode and whitelisting, and how to verify that the installed plugin is successfully enabled.
Where is the target machine?
How you install the plugin depends on where you'd like to install the IE 5.x plugin and how seamlessly you would like the install to be for your users. For details about other elements to consider, see Installation Options.
Installing on the target machine
Unlike the plugins of other browsers which install into the browser itself, the IE plugin requires administrative permissions at the OS level for installation. So, if you are working on the target machine and manually installing the IE 5.x plugin, you must have administrator rights.
Because you install the 5.x plugin manually, some user interaction is necessary, and the installer automatically closes all IE windows during the process. After installation, the browser launches and you are prompted to press an Enable button.
Pushing to Remote Machines
If you are working within a managed IT environment where you are pushing installation files to remote machines, you can make this more transparent and fluid by using options such as silent install and establishing a group policy that allows for whitelising the plugin components that reside on your target machines. See below for detailed information on using silent mode and the steps to establish a whitelist.
Silentmode configuration allows the installation to proceed without any explicit user input. Users cannot change the installation settings and no dialog boxes appear that require user interaction.
However, if you are installing in silent mode on IE 9 or later, and not whitelisting your installations (see Whitelisting below for details on this option), interaction is required. The installer automatically closes all IE windows. After installation, a browser launches and the user will be prompted to press an Enable button.
To run the installer in silent mode, use the following command line parameters:
Note: If you're installing in silent mode on Windows 7, users will be prompted to restart their browser.
The process of whitelisting (a register of entities that allow unauthorized programs to run) can be used to bypass the security measures imposed by IE 9 and 10. This method is useful for Admins and IT-based orgs pushing installs to end-users, as it suppresses the appearance of the Enable button during installation, thereby disallowing end-users the ability to "disable" the Okta IE plugin.
For a Windows OS, Internet Explorer uses a CLSID (class identifier) to set the whitelisting policy. To set this policy on your system, do the following:
Now users will not be prompted to enable or disable the plugin process when going through a silent installation.
There are several installation options for the IE 5.x plugin. Which options to chose depend on how much control is desired for the installation process and how fluid you would like the install to appear to the end-user. Use the chart below to consider the best method of installation for your org.
After you have successfully installed your plugin, you can verify that it is successfully enabled. For details, see Verifying IE Plugin Enablement.
Internet Explorer 9 Security Settings
If you've set your Internet Explorer 9 Security level zone settings to High, you'll need to make a few security zone modifications in order for the Okta plugin to work.