All Products Support Forum

Dear Forum,

Maybe this has been already asked but i keep getting the quite opposite when searching.

is there a way that i can save passwords, for autofill purposes, for specific websites in Firefox using GPO?.

I have 4 computers, that are currently deployed with Firefox and all 4 should be able to login to a specific website with a given username and password. I would like to set the username and password for them stored in the Firefox password manager and let it autofill it for them when going to the given website.

Or should i do this using the created shortcut they received, deployed to their systems using GPO?

Thank you in advanced.

So I have been some issues with my Debian bookworm (Gnome bugged out) and changed to Sparky ( not a massive update I know, it's the same repo anyway) . Once Sparky Firefox upgraded to the latest version, I noticed some interesting behavior (tor running in the background and etc). I wasn't careful with playing gods with storage & cache, so had to again reinstall sparky. To my surprise my all passwords, bookmarks. add-ons are gone. I had just one account (was also using the dev browser for some time), so really it's awkward ad upsetting situation, any troubleshooting steps you can suggest?

So we update Firefox via PatchMyPC from SCCM. We don't want to disable Firefox Updates. The issue is how do you stop the Update notification popup every time you start Firefox. You don't have this issue on Edge and Chrome

Hello, I am trying to manage Firefox Extension using "Extension Setting" via Intune. Source: https://github.com/mozilla/policy-templates/blob/master/README.md#extensionsettings I am testing below JSON for testing. <enabled/> <data id="ExtensionSettings" value=' {

 "*": {
   "blocked_install_message": "Not Allowed contact HelpDesk.",
   "install_sources": ["https://www.example.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
   "https-everywhere@eff.org": {
   "installation_mode": "allowed"
 },
 "jetpack-extension@dashlane.com": {
   "installation_mode": "allowed",
   "install_url": "https://prod.extensions.dashlane.com/downloads/firefox/dashlane-latest-fx.xpi"
 }

}'/>

When deployed to test devices, all extension previously installed get removed and Ublock get installed, seem like working as intended but when I try to install any "Allowed" I get the block installed message. I see no error in "about:policies". I don't know where else to look for why its getting blocked?

Any help will be much appreciated.

Good day.

I have created a custom Search Engine via a GPO.

The search engine is added to Firefox without issue. However, when a user enters in a search with a space, Firefox replaces the space with a "plus" instead of a %20. The search engine does not know how to interpret a "plus," so the search engine returns 'no results found.' I use the same search string in a Chrome GPO, and it works as Chrome replaces a space with a %20. Is there a way I can tweak the Search engine GPO to use %20 instead of a "plus" for a space?

Thanks.

Peter

Hi there,

We would like to disable ECH on our browsers as it is interfering with our Anti-virus Website blocks. I have identified the settings that need to be changed in about:config and was able to configure 2 of them to be controlled via a registry key but was not able to for another 3 as their keys should be placed in a different Key in the registry. I have searched all over but cannot identify the name for this Key.

The settings I need to manage are in the image. I was able to configure the settings beginning with network.dns but I am not sure how to manage the settings beginning with security.tls.ech

Any help would be much appreciated

Good afternoon,

We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards.

For example, we're trying to set an origin in Cookies > Block Settings to something like "*", and we get the error "Ignoring parameter "*" - not a valid origin."

In Chrome / Edge you can set a wildcard like this: [*.]google.com for example - we receive the same error message for this.

Can you do such a thing for Firefox ESR without having to list every site you want to block?

ESR Version: 115.6.0esr (64-bit)

Kind Regards, Ethan Jerrum

How can I apply a policy based on "blocked_permissions". I've read Chrome documentation but I guess Firefox does not support this parameter. Right? If so, is there any way to request this feature?

I need a policy like

{

 "policies": {
   "ExtensionSettings": {
     "*": {
       "blocked_permissions": ["tabs"]
     }
   }
 }

}

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. The issue we are experiencing is not my area of expertiese but no one in my org can find an answer so here I am.

We have not migrated our enterprise above Firefox ESR 91.x as of yet, we have some internal sites that use IBM Webseal to provide SSO and some of that functionality is broken in version 102.x and above. There are three options on the frontend page to use RSA token, PKI logon and username/password: each one a separate choice for the end user experience. RSA and Username/password work without issue but PKI logon does not, once you click on the logon button it is supposed to grab the certificate from your PKI card and use it to logon to the web application, but it does not seem to complete this process instead it proceeds to another page almost immediately that reads Error An attempt to authenticate with a client certificate failed. A valid client certificate is required to make this connection. Click here to return to the authentication page. DPWWA1124W A client certificate could not be authenticated. Our web developers have opened a ticket with IBM and from what I was told after troubleshooting and traffic capture, they never see the certificate make it to the backend for authentication and it is a Firefox issue because Google and MS Edge work just fine. Because of this IBM closed the case.

Has anyone experienced this issue and know of a fix or is there any suggestions as to what we can look for as an attempt to fix this issue? What has changed between version 91.x to 102.x ESR (we have tried the RRs and it is an issue there also)? Is this a bug in Firefox?

I am using Firefox ESR 102.2.0 version which I updated yesterday. Now when I try to login to my account on "https://myaccount.hdfclife.com/login", the captcha is covered and I can not read it. See the attached file.

It was working fine in the previous esr release 102.1.0. I have tested it with a new profile and captcha is visible in 102.2.0 version.

My query is about the cause of this issue and how can I fix it. I have checked and found that this issue does not appear on other websites. If there is an issue with the profile it should be with other websites which is not the case.

Please help

I have imported the ADMX and tried to add an extension but it does not appear. So I imported the admx and this is working because I have another custom oma-uri that sets the home pages.

Here is what I have for my custom oma-uri to try and get the 1password extension added to FireFox. It is coming back with an error, Any recommendations? Name: Extensions_Install OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/Extensions_Install Data Type: String Value: <enabled/> <data id=”Extensions” value=”1\https://addons.mozilla.org/en-US/firefox/addon/1password-x-password-manager”/>

Locking this thread.
Please continue here: [/questions/1430409]
In my environment, we have Firefox version 117. Users get this pop up "You must log in to this network before you can access the Internet" (see snip 1) when they launch firefox. In order to get rid of we can toggle this preference setting to TRUE ""network.captive-portal-service.enabled" in the user's browser, which works fine. But i want to control this setting from GPO. I'm unable to find the GPO for the same in the GPO hive for FF. See snip 2 for 'Preferences' related GPOs.

Hello,

Applying Preferences & Extension Management GPO's will bug certain GUI settings. The three examples I have are HTTPS-Only Mode & Forms and Autofill within about:preferences, and Enable USB Devices within about:debugging.

When HTTPS-Only Mode is set to "Don't Enable HTTPS-Only Mode" and locked via Preferences GPO, Users can continue to toggle between the settings. Forms and Autofill settings will not populate within about:preferences if address and credit card formfill values are false and locked via Preferences GPO. However, when the same GPO is deployed from Active Directory, Forms and Autofill settings will populate with address available for User toggle. Key, the values within about:config reflect what is set via GPO, and do not change among toggle or User intervention.

When locking down Enable USB Devices within about:debugging by blocking the extension install via Extension Management GPO, Users can continue to toggle the button after the policy applied. Although, just as previously mentioned, the extension does not get installed and seems the policy intervenes.

My questions being, are these simply GUI bugs since the values respect group policy? Are there other methods to lock down these settings?

I understand this is quite a bit of information and appreciate your help and time!

Preferences JSON - { "extensions.formautofill.creditCards.available": {

   "Value": false,
   "Status": "locked"
 },

"extensions.formautofill.creditCards.enabled": {

   "Value": false,
   "Status": "locked"
 },
 "browser.formfill.enable": {
   "Value": false,
   "Status": "locked"
 },
 "extensions.formautofill.addresses.enabled": {
    "Value": false,
    "Status": "locked"
 }

}

Extension Management JSON - { "adb@mozilla.org": { "installation_mode": "blocked" } }

- Dom

I have seen many references to this problem that Mozilla does not seem to want to fix.

I have to log in to my (remote) server regulary using the server IP address - there is not a domain name.

Every time (cookies/history always cleared on exit) it presents the message "Warning: Potential Security Risk Ahead" and then have to click advanced then accept the risk. Under previous versions I use, this could be stored so you do not have to go thrugh this process EVERY time on logging in to the server.

Everyone knows you can NOT assign a security certificate to an IP address so why does Mozilla not take this into consideration?

Will they change this in future versions?

Is there a work around (no config changes seem to work or chrome changes)

rgds JR UK

I need to be able to hide the Extensions button from the toolbar. Is there a way to do that outside of the user.js or prefs.js? Preferably I'd like to do this though the policies.json file though I could not find any options for this.

I am using the intune preview feature which allows you to import admx/adml instead of using the custom injection method. Everything works far better then with the injection method, except for one settings:

ExtensionSettings this setting is working when I have only one setting set (ex):

{"someplugin@test.com": { "installation_mode" : "allowed" }}

If I add a second line to the entry:

{"someotherplugin@test.com":{ "installation_mode" : "allowed"}}

I understand this is a new feature, but if I had the correct format that would work for HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ExtensionSettings to allow two plugins to work I belive I shouldn't have any issue getting the admx feature to do this, I even tried manually editing the registry setting and it breaks whenever I add the second line to it.

I am reviewing my user.js and pref.js files in anticipation of deploying policy settings in GPO. As a part of the review, I am trying to document what each of the preferences in those files actually do, in order to be able to see in the future why a setting was set the way it was.

I am presently at the preference "pref.browser.language.disable_button.remove". Based on the name of the preference, I would think that if set to true, it would disable the remove button in the Webpage Language Settings window. (Hamburger menu -> Settings -> General -> Language -> Choose your preferred language for displaying pages)

When I set it to true, it does not disable the remove button but when I use the remove button, the preference is set to false.

Am I misunderstanding the purpose of this preference or is there more to using this preference than just setting its value in about:config?

Also, I see there are a number of other preferences that contain disable_button but that only one, "pref.privacy.disable_button.view_passwords", has a GPO policy for setting. I would expect that these preferences containing disable_button would all work in a similar way just each for a different button in the Firefox GUI.

If it matters, I'm running Firefox 115.3.1esr 64-bit en-ca on Windows 10.

Hi,

we want to switch our Firefox configuration from file-based (policies.json) to GPO-based. We rolled out the GPO on some test clients and it worked like a charm.

But... It shows that there are some clients which need a second firefox installation for a special purpose, which is not allowed to enter the internet or update itself.

The file-base configuration can handle these to different installations with two differend policies.json files.

Is there a way to accomplish this scenario with the use of GPOs? The GPO-base configuration seems to be global for every client.

At this moment i don't see a solution for our problem. Do you see one?

Software used: Firefox ESR 102.15.1 on RedHat Enterprise Linux 8 with the Xfce4 desktop environment in version 4.16.3.

I run two Firefox windows on two different virtual desktops. Most open tabs in each of them are tied to the workflow I use on each desktop, in case this is somehow important.

Problem description: Sometimes, Ctrl+clicking on HTTP or HTTPS links will open the resource in a new window instead of in a new tab. This appears to be random, and does not depend on the link target. It is also not properly reproducible, so the same link may work just fine and open the resource in a new tab as expected on another attempt to Ctrl+click it.

Properties like browser.link.open_newwindow or browser.link.open_newwindow.override.external are unmodified and set at their default values.

I can drag the new window's only tab back into the browser window in which I originally clicked on such a link, but this is becoming tedious. Sometimes I overlook this, resulting in a chaos of multiple open Firefox windows with multiple open tabs in each of them.

The behavior I would expect: When Ctrl+clicking on links, their resources should always open in a new tab, never in a new window, unless it's a link with a protocol that Firefox by itself won't handle and where it will have to rely on another program to open it (e.g. ftp://, ssh:// or mailto:somebody@somedomain.com).

My request: I would like this to be fixed if it's a real bug. If I am somehow responsible myself without knowing why, please just let me know what I might be doing wrong.

If there are some workarounds for this, e.g. some properties I could set in about:config, help with those would be appreciated as well.

Most information I can find about similar problems is pretty old by now and pre-dates Firefox 102.15.1 by many releases and years. All suggestions I could find about what one would need to change in about:config to fix this seem to be the default by now anyway.

Thank you very much!

Hi,

We are using Firefox Enterprise on Windows Server 2016 Remote Desktop for approx 100 users.

The users need very often to create a new profile when launching FireFox, and then loose all their bookmarks.

Is there a way to manage the profiles correctly to bypass this problem ?

Thank you for your help ! Have a nice day.