Google made a set of updates to its Chrome Enterprise offering today, which offers a more business-friendly version of the company’s desktop operating system for companies that want increased manageability of their Chrome devices.

These updates are aimed at making Chrome more competitive for businesses that would traditionally turn to Microsoft Windows as their operating system of choice. Google’s operating system is an interesting proposition for IT administrators because of its stripped-down capabilities and automatic updates at a time when security threats are plentiful.

Chrome Enterprise users will now be able to blacklist browser extensions based on the permissions they request, so it’s possible to keep employees from downloading anything that, for example, requires webcam access. Those devices can also be given security certificates that will allow them to access single sign-on resources, and prevent them from doing so otherwise.

Google improved Chrome Enterprise’s support for Microsoft’s Active Directory system. With the updates, administrators will be able to use Group Policy objects to configure managed Chrome extensions, and users will be able to directly authenticate to Kerberos and NTLMv2 endpoints on their local network.

Another new feature will require devices that were previously managed to automatically re-enroll in management, even after a wipe or restore. That way, users can reconnect to the management system without the use of administrator credentials.

On top of all that, Google also announced partnerships with Cisco Meraki, IBM MaaS360, Citrix XenMobile, and Zoho Mobile Device Manager Plus that allow IT administrators to manage their Chrome Enterprise devices from a central console. Those deals build on the company’s existing work with VMware AirWatch, which was announced last year at Chrome Enterprise’s launch.