Showing questions tagged: Show all questions

Firefox ESR Update

We use Firefox ESR in our environment today, Is it possible to have a policy that would display "update required" message to end-users, or have it automatically update wi… (read more)

We use Firefox ESR in our environment today, Is it possible to have a policy that would display "update required" message to end-users, or have it automatically update without users opening the browsers.

Asked by Ayodeji David 1 week ago

Last reply by Mike Kaply 1 week ago

  • Solved

website is not displayed completely

Firefox version 128.2.0esr (64-bit) Operating system Windows 10/Windows11 23H2 Septembre patch Hello everyone, maybe you can tell me/explain what the proble… (read more)

Firefox version

   128.2.0esr (64-bit)

Operating system

   Windows 10/Windows11 23H2 Septembre patch

Hello everyone,


maybe you can tell me/explain what the problem could be.

In our company we had Firefox version 115.14.0esr (64-bit) and then we updated to 128.2.0esr (64-bit).

Since version 128.2 ESR we have experienced problems in Firefox when trying to access DNN+ pages (with login). https://www.dnn.de/sport/regional/dresdner-sc-denkt-ueber-uebernahme-der-margon-arena-nach-C3IC74MZ6FE43AKGCZJSKUXA3I.html

In Firefox the content is cut off, in Edge it is displayed normally.

With Edge and Firefox 115.14.0esr the page is displayed normally. No AdBlock installed.

In developer mode I see the errors in the versions, so it shouldn't be that.

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://gum.criteo.com/sid/json?origi...AAAAAAAA&gdpr=1. (Reason: CORS request failed). Status code: (null).

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://id5-sync.com/api/config/prebid. (Reason: CORS request failed). Status code: (null).

Any ideas? Thank you very much! :)

Asked by Maik09 2 months ago

Answered by Maik09 2 months ago

Support ECH or ESNI in 128.2.0esr

Hello, I installed Firefox 128.2.0esr. I set the next parameters in GPO for settings DNSOverHTTPS: "DNSOverHTTPS": { "Enabled": true, "Provi… (read more)

Hello,

I installed Firefox 128.2.0esr. I set the next parameters in GPO for settings DNSOverHTTPS: "DNSOverHTTPS": {

                      "Enabled":  true,

"ProviderURL": "https://safe.dot.dns.yandex.net/dns-query", "Locked": true, "Fallback": true }. But when checking via https://www.cloudflare.com/ru-ru/ssl/encrypted-sni/#results I get (screenshot in attachment). As you can see from the screenshot, DNS and SNI did not receive the coveted check marks. Secure DNS We weren’t able to detect whether you were using a DNS resolver over secure transport. Contact your DNS provider or try using 1.1.1.1 for fast & secure DNS. DNSSEC Attackers cannot trick you into visiting a fake website by manipulating DNS responses for domains that are outside their control. TLS 1.3 Nobody snooping on the wire can see the certificate of the website you made a TLS connection to. Secure SNI Anybody listening on the wire can see the exact website you made a TLS connection to.

In my browser / about:config: network.trr.mode = 2 network.trr.uri = https://safe.dot.dns.yandex.net/dns-query

In 128.2.0esr there is no protection against ESNI interceptions and ECH is enabled by default? Or is the problem that the DNS provider does not support the technology from Mozilla? Or what other settings we need use (via GPO)?

Thank you.

Asked by Mark Talala 2 months ago

Last reply by Valentin 2 months ago

New profile after upgrade from ESR 115 to 128

I am working on upgrading our organization from ESR version 115 to 128. While testing, I am experiencing an issue where a new profile is being created and defaulted to on… (read more)

I am working on upgrading our organization from ESR version 115 to 128. While testing, I am experiencing an issue where a new profile is being created and defaulted to on first run after the upgrade. This removes all the bookmarks, themes, extensions, etc. For a technical person like myself, I can easily revert this by going to about:profiles and setting my previous profile back as the default and then restarting Firefox. The issue lies in that this process is not something we can feasibly do for over 1000 people if/when they see this problem. I have been trying to wrap the install with a few commands to back up the previous profiles.ini and put it back after upgrade but this isn't working out too well.

Is there a way to automate keeping whatever profile was being used as the default intact without generating a new one and having it take over?

One thing to note is that we are following CIS guidelines as closely as possible, thus using synced profiles is not an option.

Asked by yaponte 2 months ago

  • Solved

Uninstall All Extensions/Add-Ons via Intune

I am trying to manage Firefox for company devices via Intune and would like to know if there is a way to uninstall all extensions/add-ons besides one or two approved ones… (read more)

I am trying to manage Firefox for company devices via Intune and would like to know if there is a way to uninstall all extensions/add-ons besides one or two approved ones.

I have been able to import the Firefox AMDX into Intune and have made a policy to install uBlock (which works without issue) and I can uninstall specific extensions/add-ins via their Extension ID (also without issue), however I can't see a way to uninstall all extensions. If I try and put a wildcard in the Extension ID field, nothing is affected.

We have a large number of devices with their own user-installed extensions so auditing this and then updating a policy manually with specific extension IDs may be quite painful.

Asked by matthew.winter 3 months ago

Answered by matthew.winter 3 months ago

  • Archived

Issue with Blocking Websites in Mozilla Firefox via Group Policy

We followed the links below to block internet access in Firefox browser: https://www.youtube.com/watch?v=fAGYYX5hYb8 https://github.com/mozilla/policy-templates/release… (read more)

We followed the links below to block internet access in Firefox browser:

https://www.youtube.com/watch?v=fAGYYX5hYb8 https://github.com/mozilla/policy-templates/releases

We downloaded the ADMX and ADML files. Using these files, we were able to locate Mozilla Firefox in Group Policy Management and successfully block all websites in the Firefox browser using the pattern :///*.

However, we encountered an issue with exceptions. We do not wish to block certain websites, including localhost. We attempted to use the "Exceptions to block websites" option, providing values such as ://msn.com/ to exclude specific sites. Unfortunately, this approach did not work as intended. For instance, msn.com is one of the websites we want to allow, among others and also localhost.

We require assistance with the following issue: "Exceptions to block websites" is not functioning properly within the group policy of Mozilla Firefox.

Asked by hitenj.trivedi 8 months ago

Last reply by Mike Kaply 7 months ago

  • Archived

Enforce use of extension

Hello, My company recently started using ActivTrak Monitoring software and I need some help configuring the setup for Apple computers. I'm trying to create a custom .mob… (read more)

Hello,

My company recently started using ActivTrak Monitoring software and I need some help configuring the setup for Apple computers. I'm trying to create a custom .mobileconfig to automatically turn on the browser extension and then stop the end users from turning the add-on off. I can successfully install and lock the extension on once installed but need to manually activate the add-on first. What do I need to add to the plist to enable the extension automatically?

Thank you!

Asked by MiITsolutions 6 months ago

Last reply by Mike Kaply 4 months ago

Require device sign in to fill and mange passwords (mozilla.cfg)

Hi all I like to enforce the following setting "Require device sign in to fill and mange passwords" in the mozilla.cfg but I couldn't find the setting in about:config. … (read more)

Hi all

I like to enforce the following setting "Require device sign in to fill and mange passwords" in the mozilla.cfg but I couldn't find the setting in about:config.

Can anyone help?

Regards

Ogami

Asked by Ogami Itto (Gobi85) 4 months ago

Last reply by Mike Kaply 4 months ago

  • Solved

Is there any Group Policy for AutoSelectCertificateForUrls

Is there any parameter or group policy similar to Chrome "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]", as we implemented application… (read more)

Is there any parameter or group policy similar to Chrome "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]", as we implemented application with Certificate sign-in, it pop-up every time when navigating to different on-prem servers, we enabled Group policy for MSEdge & Chrome, but need to do same for Mozilla Firefox.

I need expert advice on this subject matter.

Regards,

Kamal Kiri

Asked by Kamal Kiri 4 months ago

Answered by Kamal Kiri 4 months ago

Deploying Firefox Developer Edition with Intune

I'm having trouble find clear directions online on how to import Firefox Developer Edition into my Intune App Catalog to deploy it to users. I was able to convert the .ex… (read more)

I'm having trouble find clear directions online on how to import Firefox Developer Edition into my Intune App Catalog to deploy it to users. I was able to convert the .exe installer into a .intunewin file but Intune won't import it for some reason. All the other directions i keep finding just direct me to creating a custom configuration policy around FireFox but it looks like it is just the basic Firefox for Enterprise.

I'm hoping to either get directed to actual directions for this or even a .msi installer for the developer edition. Does that exist?

Asked by sstroup970 5 months ago

Last reply by James 5 months ago

Addon/Extension allow list with group policy

Hello! I manage our browser configuration for our enterprise. We use group policy to restrict browser addons until they clear our internal security review. I'm looking … (read more)

Hello!

I manage our browser configuration for our enterprise. We use group policy to restrict browser addons until they clear our internal security review.

I'm looking for a way to allow specific addons using group policy, while generally blocking everything else.

I've found the setting to enforce the installation of addons, but we'd like to avoid forcing every addon to install on every system as there would be overlap between things like password managers and such.

Is there a way to accomplish this?

Asked by ggroathouse 5 months ago

Last reply by Mike Kaply 5 months ago

  • Archived

Azure Virtual Desktop

Hello, We have a client using Azure Virtual Desktops. Most of the users prefer to use Firefox. We are having an issue that anytime we update Firefox and reimage the vi… (read more)

Hello,

We have a client using Azure Virtual Desktops. Most of the users prefer to use Firefox. We are having an issue that anytime we update Firefox and reimage the virtual hosts. When the users login they get a new Firefox profile. We have to remote in and copy their old profile data to the new profile.

Is there a better way for us to handle Firefox and profiling in and Azure Virtual Desktop deployment?

Asked by jbrady6 6 months ago

Last reply by Mike Kaply 6 months ago

  • Archived

Extensions through GPO

Hi, I already have the admx and adml templates installed on my gpo. I would like to control or prevent the install of vpn extensions on the firefox browser. Specificall… (read more)

Hi,

I already have the admx and adml templates installed on my gpo. I would like to control or prevent the install of vpn extensions on the firefox browser.

Specifically I would like to prevent the install of all vpn extensions to the firefox browser for the users in my company. I would like them to download and install other extensions. How could I do this through modifying the json file in the extensions folder of the firefox template in my gpo.

Thanks in advance, Floyd,

Asked by fcastellino 6 months ago

Last reply by Mike Kaply 6 months ago

  • Solved
  • Archived

ExtensionSettings does not show up as a GPO setting with the latest ADMX files

the settings ExtessionSettings does not show up to be able to modify even tho it is on the ADMX file (5.11)? Should I use the older Extensions policies? I want to install… (read more)

the settings ExtessionSettings does not show up to be able to modify even tho it is on the ADMX file (5.11)? Should I use the older Extensions policies? I want to install and pin an extension from the store.

Asked by Christopher Roble 6 months ago

Answered by Mike Kaply 6 months ago

  • Archived

Enquiry On Force Update Firefox

Does anyone possess expertise in executing a forced update for Firefox within the user's profile directory located at "AppData\Local\Mozilla Firefox"? It would be advanta… (read more)

Does anyone possess expertise in executing a forced update for Firefox within the user's profile directory located at "AppData\Local\Mozilla Firefox"? It would be advantageous to employ a PowerShell script for rectifying this issue. It appears that certain users are not frequently opening Firefox, thus impeding the automatic update process.

Asked by slimmonkey 7 months ago

Last reply by Mike Kaply 6 months ago

  • Archived

Group Policy Settings list with description

Hi, I would like to implement GPO settings for Firefox, and would like to review the list of the policies with description (explanation of what the policy is about and w… (read more)

Hi, I would like to implement GPO settings for Firefox, and would like to review the list of the policies with description (explanation of what the policy is about and what happens if its enabled or disabled) on a table or excel format. Is there a site or page that will give me that list?

Asked by aurel_dimaculangan 7 months ago

Last reply by cor-el 7 months ago

  • Archived

Folder redirection conflicts synchronization firefox profile

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means th… (read more)

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means that the folders are synchronised every 5 minutes. The synchronised Appdata folder has a Firefox profile which causes a lot of conflicts. Every time the folder is synced there are conflicts like "Both versions have been updated since the last sync" or "Cannot sync now. Try again". I attach a screen shot of how much of this there is. No other applications cause such errors. Only Firefox blocks us from a large deployment. If the problem cannot be resolved we will be forced to abandon the FireFox browser altogether. Has anyone had a similar problem?

Asked by sebastian.pawlowski 9 months ago

Last reply by Mike Kaply 8 months ago