Also, the following behaviour within Firefox not consistent with the Firefox Enterprise Policies outlined above has changed. When I load a page for which a username and password exists in the Password Manager, the uername and password fields are not filled in by Firefox. I can go into Password Manager and manually copy and paste the values into the form, but they won't autofill.

Autofill logins and passwords is checked in about:preferences#privacy

This is looking like a bug to me. Should I post to Bugzilla?

Can you use "Fill Login" and "Fill Password" in the right-click context menu ? Are these users using the Primary Password ?

Autofill normally only works if there is only one login saved for this origin.

As a test you can temporarily set signon.debug = true and check the Browser Console for login related messages.

You can check the about:policies#active page to see whether policies are active (63+).

• https://support.mozilla.org/en-US/kb/see-active-policies-firefox-enterprise

1. Fill Login from the right-click context menu works, and automatically fills in the password without needing to select Fill Password. [Actually, I didn't know this feature exists at all, so thank you :-) I can work with the browser using this, although it remains a change from the previous and expected behaviour.]
2. Nothing on the console when enabling signon.debug = true when loading a site where I have only one logon, either before or after using Fill Login from the right-click context menu.
3. Output from about:policies#active is attached. Given the output, I checked Resultant Set of Policy on my Windows 10 client and noted it indeed had these 2 configured to Disabled in Group Policy, contrary to what I believed had been configured. So I reconfigured these to Not configured in Group Policy, ran gpupdate.exe /force, checked gpresult.exe to confirm they were reset, but still no change in about:policies#active To experiment, I reconfigured these to Enabled in Group Policy, ran gpupdate.exe /force, checked output of gpresult.exe had changed. But still no change in about:policies#active.

Output of gpresult.exe with the 2 policies set to 'Enabled' and 'Not configured' attached — no Mozilla/Firefox node in the 'Not configured' example since there was no Group Policy configured at all for Firefox.

Perhaps my colleague did set the 2 policies originally, but I can't explain how the change I'm making now to Group Policy isn't being picked up by Firefox. I must be missing something! What is it?

You can inspect the Mozilla and Firefox keys with the Windows Registry Editor in HKEY_LOCAL_MACHINE and in HKEY_CURRENT_USER with the Windows Registry Editor to see whether GPO policy rules are active.

• HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\
• HKEY_CURRENT_USER\SOFTWARE\Policies\Mozilla\Firefox\

Note that the mere presence of the "Mozilla\Firefox\" key is sufficient to make Firefox display this notification, so if you have the Firefox key then remove it and only leave the Mozilla key or remove this key as well if it is empty.

• HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ =>
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\

I feel like a dill. Group Policies were being applied to both Computer and User, I had only checked the User. I am grateful for your assistance.