Prikaz označenih pitanja: Prikaži sva pitanja
  • Arhivirano

Extension Management via GPO not working

Trying to block all but allow specific plugins. I have the okta one and the web password filler working, but not the logon assist. I've tried putting in (secret-server-l… (pročitajte više)

Trying to block all but allow specific plugins. I have the okta one and the web password filler working, but not the logon assist. I've tried putting in (secret-server-logon-assist-ff57@thycotic.com), and {secret-server-logon-assist-ff57@thycotic.com}, and also without any extras. These codes come from just the numeric URL (ie https://addons.mozilla.org/firefox/downloads/file/1747490) which says "Secret Server Login Assist (secret-server-logon-assist-ff57@thycotic.com) is blocked by your system administrator. Extension not on OAI allowed list". Am I misreading this message, or missing something on this specific one?

{ "*": { "blocked_install_message" : "Extension not on OAI allowed list", "installation_mode": "blocked" }, "dd1e31d5-3623-45cb-b1ad-64074d36b360@thycotic.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/3906662/secret_server_web_password_filler-3.2-fx.xpi" }, "secret-server-logon-assist-ff57@thycotic.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/1747490/secret_server_login_assist-2.1.1-an+fx.xpi" }, "plugin@okta.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/3901586/okta_browser_plugin-6.8.0-an+fx.xpi" } }

Asked by mhunt3 prije 2 godina

Last reply by trackcourier1 prije 1 godina

  • Arhivirano

How do I configure kiosk mode?

Mozilla's website states: "Numerous features of the kiosk mode are configurable through policy or command line parameters when launching the browser." However, other t… (pročitajte više)

Mozilla's website states:

"Numerous features of the kiosk mode are configurable through policy or command line parameters when launching the browser."

However, other than a single example to run kiosk mode as a private window, it doesn't seem to provide any information on how to access such configuration. I couldn't seem to find the information anywhere else either.

How can I configure kiosk mode? Preferably via the CLI, but I'd be interested also to learn what is meant by "configurable through policy".

Asked by davidecl175 prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

Silent Auto Update for Firefox ESR

Hi All- I am in charge of deploying Firefox ESR to my company and trying to get it to silently auto update on it's on with user interaction. We have policies in place (GP… (pročitajte više)

Hi All- I am in charge of deploying Firefox ESR to my company and trying to get it to silently auto update on it's on with user interaction. We have policies in place (GPO) that prevent it at this point. I need some guidance on whether I should use just GPOs to manage this or should I go the route of the .cfg file? If someone has a step by step on how to best achieve this I would appreciate it. I am currently using the .msi installer.

Here is settings in an old .cfg file that I am testing with:

lockPref("app.update.mode", 1); lockPref("app.update.service.enabled", true); lockPref("extensions.update.enabled", false); lockPref("extensions.update.autoUpdateEnabled", false);

// Set default homepage - users can change // Requires a complex preference defaultPref("browser.startup.homepage","data:text/plain,browser.startup.homepage=http://workday");

// Don't ask to install the Flash plugin lockPref("plugins.notifyMissingFlash", false);

// Disable Search Engine automatic updates lockPref("browser.search.update", false);

//Disable telemetry lockPref("toolkit.telemetry.prompted", 2); lockPref("toolkit.telemetry.rejected", true); lockPref("toolkit.telemetry.enabled", false);

// Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); lockPref("datareporting.healthreport.logging.consoleEnabled", false); lockPref("datareporting.healthreport.uploadEnabled", false);

// Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false);

// Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

// Don't show WhatsNew on first run after every update pref("browser.startup.homepage_override.mstone","ignore");

// Don't show 'know your rights' on first run pref("browser.rights.3.shown", true);

Asked by CherishYourLife prije 1 godina

Last reply by cor-el prije 1 godina

  • Arhivirano

Completely remove address bar

I would like to completely remove the address bar (url bar?) from Firefox 78 64bit. We had to update our Firefox at work and the old way of doing it through the userChrom… (pročitajte više)

I would like to completely remove the address bar (url bar?) from Firefox 78 64bit. We had to update our Firefox at work and the old way of doing it through the userChrome.css file doesnt seem to work with the newer versions.

Asked by pingaaron prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Riješeno
  • Arhivirano

Access to about:debugging while blocking all extensions via GPO

Hello, As the title mentions, applying a block to all extensions via "*" by utilizing Extension Management GPO will block about:debugging. Is there a way to simultaneou… (pročitajte više)

Hello,

As the title mentions, applying a block to all extensions via "*" by utilizing Extension Management GPO will block about:debugging.

Is there a way to simultaneously have all extensions blocked and about:debugging available?

Here's the JSON - { "*": { "installation_mode": "blocked" } }


Appreciate your time and help, - Dom

Asked by Dom Langella prije 1 godina

Answered by Mike Kaply prije 1 godina

  • Arhivirano

Automatic FF Updates needing user to log in

We have several servers with Firefox installed and automatic updates enabled to include "When Firefox is not running". However, our security scans indicate that the versi… (pročitajte više)

We have several servers with Firefox installed and automatic updates enabled to include "When Firefox is not running". However, our security scans indicate that the version is out of date. We have to connect to the box and finish the updates. The current version is at 103.0.1 and the previous version was above 100 (failing to remember exact version). Is there a way to ensure that Firefox remains up to date without connecting to the server?

Asked by vince321 prije 1 godina

Last reply by vince321 prije 1 godina

  • Arhivirano

Group Policy is applied but no changes

We use GPO to push out our Firefox homepage and bookmarks. I get totally different results for each user, some will make changes right away if I add a new book marks, but… (pročitajte više)

We use GPO to push out our Firefox homepage and bookmarks. I get totally different results for each user, some will make changes right away if I add a new book marks, but they don't see older ones?

I decided to build a few test machines (we don't have time to build a dev envir) and it applies the GPO for the home page but not the bookmarks, I can see the book marks in the registry even but nothing on firefox. Anyone have a guess?

thanks David

Asked by david.kafrissen prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

Unable to configure the firefox policy for Proxy in Intune

OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string): <enabled/> <data id="ProxyLocked" value="true | false"/> <data i… (pročitajte više)

OMA-URI:

./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string):

<enabled/> <data id="ProxyLocked" value="true | false"/> <data id="ConnectionType" value="none | system | manual | autoDetect | autoConfig"/> <data id="HTTPProxy" value="https://httpproxy.example.com"/> <data id="UseHTTPProxyForAllProtocols" value="true | false"/> <data id="SSLProxy" value="https://sslproxy.example.com"/> <data id="FTPProxy" value="https://ftpproxy.example.com"/> <data id="SOCKSProxy" value="https://socksproxy.example.com"/> <data id="SOCKSVersion" value="4 | 5"/> <data id="AutoConfigURL" value="URL_TO_AUTOCONFIG"/> <data id="Passthrough" value="<local>" >="" <data="" <="" p=""></data>


This has mixure of String and Integer , when we configure as string and use one from the above or leaving blank or setting only string , it failed the policy with error - -2016281112

Asked by kamal.manoranjith prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Riješeno
  • Arhivirano

about:preferences " What should Firefox do with other files?" change with mozialla.cfg / How can I control this setting using mozilla.cfg?

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version. "What should Firefox do with other files?" ("Wi… (pročitajte više)

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version.

"What should Firefox do with other files?" ("Wie soll Firefox mit anderen Dateien verfahren?") . "Save files" ("Dateien speichern") . "Ask whether to open or save files" ("Fragen, ob Dateien geöffnet oder gespeichert werden sollen")


How can I control/change this setting using mozilla.cfg?


By the way:

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", false);

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", true);

works detectably via about:config but does not change the setting for "What should Firefox do with other files?".

Asked by bzam prije 1 godina

Answered by bzam prije 1 godina

  • Arhivirano

How to configure "What Firefox should do with other files" with policies.json

Hi, I deployed the last Firefox ESR update and I just found about this new feature : https://support.mozilla.org/en-US/kb/manage-downloads-preferences-using-downloa… (pročitajte više)

Hi,

I deployed the last Firefox ESR update and I just found about this new feature : https://support.mozilla.org/en-US/kb/manage-downloads-preferences-using-downloads-menu

So files are now downloaded and users are no longer prompted for what to do. My question is can we change this to "Ask whether to open or save files" using policies.json?

Kind regards,

McB

Asked by loic.hemat prije 1 godina

Last reply by cor-el prije 1 godina

  • Arhivirano

Extension Management GPO has a limit of 2048 characters

I'm trying to configure the "Extension Management" policy for firefox in my company. We have 14 addons to manage. using JSON this will end to a line of about 2500 chara… (pročitajte više)

I'm trying to configure the "Extension Management" policy for firefox in my company. We have 14 addons to manage. using JSON this will end to a line of about 2500 characters.

when I try to copy the code into the gpo I get a message telling me the limit is 2048 characters.

Is there a way to baypass this limitation ?


thank you

Asked by kalimera555 prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

multiple users needing single profile

We have 50 workstations set up for certain jobs and the users roam as needed. Each workstation has two printers using different media. the printers are controlled by ha… (pročitajte više)

We have 50 workstations set up for certain jobs and the users roam as needed. Each workstation has two printers using different media. the printers are controlled by having two instances of Firefox with each having a user profile to use one printer or the other. In addition to printer settings we set a number of other profile settings such as silent printing etc.

Having a profile per user requires a great deal of setup work to allow different users to log in with authentication and to align the printers with the programs which will print to them.

A solution that would allow us to write a copy of a master profile to each new user via a program would be nearly perfect. Thank you,

Asked by rprefontaine prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

ExtensionSettings not deploying through Intune OMA-URI

Hi, I've been struggling for a week to try and get our extensions managed in Firefox. Firstly I tried doing it in Intune through the Extension Management setting in the … (pročitajte više)

Hi,

I've been struggling for a week to try and get our extensions managed in Firefox. Firstly I tried doing it in Intune through the Extension Management setting in the ADMX however that wouldn't work as it couldn't parse the JSON. Then I've tried using the OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings

I'm now getting a straight up error in Intune -2016281112 (0x87d1fde8). I've followed the documentation as best as I can but it still doesn't seem to work. In the Intune logs there is no record of the Config profile even being attempted. Any ideas as to what is causing this error? Here is the full code being used for the OMA-URI string:

<enabled/>
<data id="ExtensionSettings" value='
{

   "*": {
       "blocked_install_message": "This extension is blocked. Please contact the helpdesk for further assistance.",
       "install_sources": ["about:addons","https://addons.mozilla.org/*"],
       "installation_mode": "blocked",
       "allowed_types": ["extension"]
   },
   "rested@restedclient": {
       "installation_mode": "allowed"
   },
   "{c45c406e-ab73-11d8-be73-000a95be3b12}": {
       "installation_mode": "allowed"
   },
   "{5caff8cc-3d2e-4110-a88a-003cc85b3858}": {
       "installation_mode": "allowed"
   },
   "selenium-ide": {
       "installation_mode": "allowed"
   },
   "{a6fd85ed-e919-4a43-a5af-8da18bda539f}": {
       "installation_mode": "allowed"
   },
   "{16a49f65-1369-4839-a5ef-db2581e08b16}": {
       "installation_mode": "allowed"
   },
   "{5384767E-00D9-40E9-B72F-9CC39D655D6F}": {
       "installation_mode": "allowed"
   },
   "{83efb7a7-cf21-4f94-840a-316f651053ef}": {
       "installation_mode": "allowed"
   },
   "{edfc63b3-fc9b-4b6b-b9bf-4561ad548044}": {
       "installation_mode": "allowed"
   },
    "{f1a3d59a-f759-4d03-9545-6f741e64524e}": {
       "installation_mode": "allowed"
   },
    "cors-everywhere@spenibus": {
       "installation_mode": "allowed"
   }
}'/>

Asked by liquidtabs prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

Credit Card/Debit Card Group Policy

Hi all, I need to be able to disable the option to save Credit Card/Debit cards through group policy, has anyone got a few steps to help me through this? Thank You … (pročitajte više)

Hi all,

I need to be able to disable the option to save Credit Card/Debit cards through group policy, has anyone got a few steps to help me through this?

Thank You

Asked by dan.maskrey prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Riješeno
  • Arhivirano

Intune ExtensionSettings Policy No Longer Working in Firefox

Hello, in Firefox browser, my organization has always blocked all extensions except for ones we allow through OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~fi… (pročitajte više)

Hello, in Firefox browser, my organization has always blocked all extensions except for ones we allow through OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings.

About a month ago this stopped working and our end users can now install any extension in the Firefox browser that they choose, without approval, creating a security risk.

When checking in about:policies, there is a policy error: Unable to parse JSON for ExtensionSettings. We have checked with Microsoft Intune support and they verified that the policy looks to be configured and targeted correctly.

Here is a snippet of our JSON, this is a test policy where microsoft support had us remove "about:addons" from the 'install sources'. Both test and production policies are not working.

<enabled/>
<data id="ExtensionSettings" value='
{
    "*": {
        "blocked_install_message": "Contact Service Line",
        "install_sources": ["https://addons.mozilla.org/*"],
        "installation_mode": "blocked",
        "allowed_types": ["extension"]
    },
    "cloudmetering@snowsoftware.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Snow Software/Inventory/Agent/FFCloudmetering.xpi"
    },
    "fpdlpffext2@forcepoint.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Websense/Websense Endpoint/winFFext.xpi"
    },
    "jid1-5AULKXLKGyjuLQ@jetpack": {
        "installation_mode": "allowed"
    },
    "abb@amazon.com": {
        "installation_mode": "allowed"
    },
    "ciscowebexstart1@cisco.com": {
        "installation_mode": "allowed"
    },
    "linkedinConverted@firefox-extension": {
        "installation_mode": "allowed"
    },
    "{7bc53591-5218-45a0-b572-4366979097fd}": {
        "installation_mode": "allowed"
    },
    "queryamoid@kaply.com": {
        "installation_mode": "allowed"
    },
    "jid1-93WyvpgvxzGATw@jetpack": {
        "installation_mode": "allowed"
    },

Is this a bug? Or something wrong with our configuration? Has firefox changed the requirements of the extensionsettings OMA-URI?

Thanks for any help in advance.

Asked by victoria.gray prije 1 godina

Answered by victoria.gray prije 1 godina

  • Arhivirano

Group Policy define exceptions for cookies and site data

In our organization, we enforce through group policy to clear cookies and site data each time the browser is closed. I see there's an exception list to define certain sit… (pročitajte više)

In our organization, we enforce through group policy to clear cookies and site data each time the browser is closed. I see there's an exception list to define certain sites that it will not clear cookies or site data. Where in group policy can this exception be set.

This option can be seen (allow) from the article here under Block cookies and site data for more than one website > Step 3 https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox

Thanks,

Asked by Robert.Fitzgerald prije 1 godina

Last reply by Mike Kaply prije 12 mjeseci

  • Arhivirano

Bypass info

Hi Dear support mozila Firefox IT team, I need to find out if there is an option on the user's computer in the local network, how to connect to the bypass list of the Fi… (pročitajte više)

Hi Dear support mozila Firefox IT team,

I need to find out if there is an option on the user's computer in the local network, how to connect to the bypass list of the Firefox browser with a hidden version. Which aims to adjust, add and modify without bothering the user to quickly organize the work. If there is an option, please send me a guide.

Asked by sasun.ispiryan prije 11 mjeseci

Last reply by cor-el prije 11 mjeseci

  • Arhivirano

Group Policy Block Extensions

Hello. I have trying to test a GPO this week that will lock down the use of extensions. In summary we are shifting to a complete "deny all/allow by exception format". As… (pročitajte više)

Hello. I have trying to test a GPO this week that will lock down the use of extensions. In summary we are shifting to a complete "deny all/allow by exception format".

As a reference I have been using the below article as my source on how to set this up. https://github.com/mozilla/policy-templates#extensionsettings

After reading through the article the base example they have works flawlessly. I have put this base example below.


{

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://yourwebsite.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
 "https-everywhere@eff.org": {
   "installation_mode": "allowed"
 }

}


The minute I try to change it though the whole thing breaks. For context, I have tried adding 1 password as a forced installed add in, and also try placing it below under allowed. See my example below of the one where I am putting it is allowed. Any idea of what I am doing wrong?


{

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://yourwebsite.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
 "*": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi"
 }

}

Asked by bortkyle199410 prije 10 mjeseci

Last reply by Mike Kaply prije 10 mjeseci