• Solved
  • Archived

Can no longer play media with Firefox ESR 102.x

Hello, ever since we moved endpoints from Firefox ESR 91.13 to 102.3, it has become impossible to play any media with Firefox. No video will play in youtube, for instanc… (read more)

Hello, ever since we moved endpoints from Firefox ESR 91.13 to 102.3, it has become impossible to play any media with Firefox.

No video will play in youtube, for instance (it just loads endlessly as if it would start, but it doesn't).

Can't use radio websites either. Anything with a "play" button (video or sound) does nothing.

This has been tested with a clean profile, a clean install, after allowing autoplay in the settings.

Is there any info on what exactly changed between ESR 91 and 102 that might explain this ? There has been no system change, If I reinstall 91 instead it works again as usual.

No issues anywhere else on the endpoints (Edge, Windows), this is on Windows 10 if it makes any difference.

Tanks for any help on this.

Asked by OdeonFF 1 year ago

Answered by OdeonFF 1 year ago

  • Archived

How can I allow certain host permissions to each user machine installation as an organization admin

I have one extension to be installed on the enterprise network machines. There are host permissions required to access All websites data. How can I, as an Admin, enable… (read more)

I have one extension to be installed on the enterprise network machines. There are host permissions required to access All websites data. How can I, as an Admin, enable this host permissions for the installation ?

Asked by Morankar 1 year ago

Last reply by Mike Kaply 11 months ago

  • Archived

GitHub Registry List

on GitHub the commands are all based on Java https://github.com/mozilla/policy-templates#preferences Is there a list of all available registry settings? Or where do thes… (read more)

on GitHub the commands are all based on Java https://github.com/mozilla/policy-templates#preferences

Is there a list of all available registry settings? Or where do these Java options come from, where can I read them out?

Asked by edv40038 1 year ago

Last reply by Mike Kaply 1 year ago

  • Solved
  • Archived

AutoConfig Alert

Good morning, I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues … (read more)

Good morning,

I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues on the web and found similar issues but solutions that were recommend online have not worked for us. Yes I have uninstalled Firefox completely and installed it from scratch. I know it has something to do with autoconfig file but not sure what exactly I'm looking for. Thanks.

Asked by Chase Cathey 2 years ago

Answered by jscher2000 - Support Volunteer 2 years ago

  • Solved
  • Archived

Firefox Intune OMA-URI error

Dear Everyone, Facing issue with deploying Configuration Profile for Extension Settings via Intune. Tried ADMX imported template with adding there "block all extensions"… (read more)

Dear Everyone, Facing issue with deploying Configuration Profile for Extension Settings via Intune. Tried ADMX imported template with adding there "block all extensions" and allow certain ones. Worked perfect in Jamf, for Intune failing all time. We are using Firefox v.121, policies are for v.120, but I am in doubt that this is the issue. Can someone review and let me know if there any issue or may be changes? Using latest instructions https://mozilla.github.io/policy-templates/#extensionsettings Also here is my OMA, very easy.

OMA used ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings

Value(string):

<enabled/> <data id="ExtensionSettings" value=' {

 "*": {
   "blocked_install_message": "Security Test",
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/zoom-new-scheduler/latest.xpi"
 },
   "@react-devtools": {
   "installation_mode": "allowed"
 }

}'/>

Asked by Valery Volos 6 months ago

Answered by Mike Kaply 6 months ago

  • Archived

Upgrade Problem

Every time you open Firefox, you will prompt old version bookmarks, history, and passwords, and you can't use them. Choose to opt out or create a new personal file. There… (read more)

Every time you open Firefox, you will prompt old version bookmarks, history, and passwords, and you can't use them. Choose to opt out or create a new personal file. There are also prompts for the upgrade, and the downgrading version is unsuccessful pls help me

Asked by yi yan 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

FF 102.3.0esr doesn't update

FF 102.3.0esr (64-bit) says 'You are currently on the update channel' but doesn't update. I see 102.5.0 is available. Originally said policies managed by organization. … (read more)

FF 102.3.0esr (64-bit) says 'You are currently on the update channel' but doesn't update. I see 102.5.0 is available. Originally said policies managed by organization. Enterprises Policies. I Deleted [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox]. Enterprises Policies now gone, but message hasn't changed nor can I update.

Asked by Norbert38 1 year ago

Last reply by Mike Kaply 1 year ago

Folder redirection conflicts synchronization firefox profile

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means th… (read more)

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means that the folders are synchronised every 5 minutes. The synchronised Appdata folder has a Firefox profile which causes a lot of conflicts. Every time the folder is synced there are conflicts like "Both versions have been updated since the last sync" or "Cannot sync now. Try again". I attach a screen shot of how much of this there is. No other applications cause such errors. Only Firefox blocks us from a large deployment. If the problem cannot be resolved we will be forced to abandon the FireFox browser altogether. Has anyone had a similar problem?

Asked by sebastian.pawlowski 4 months ago

Last reply by Mike Kaply 3 months ago

  • Archived

Prefs.js file is generated in random userprofile path, need to overwrite it dynamically

Need way to overwrite prefs.js with corporate standard for kiosk like environment. Either need way to have firefox install in standard path within each user profile or h… (read more)

Need way to overwrite prefs.js with corporate standard for kiosk like environment. Either need way to have firefox install in standard path within each user profile or have firefox insert file from source. Advice ? thanks.

Asked by jon.dickens 2 years ago

Last reply by jon.dickens 1 year ago

  • Solved
  • Archived

deploying firefox-add-ons via group policies doesn't work anymore after proxy-change

Hello, I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: … (read more)

Hello,

I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: User configuration, administrative templates, mozilla, firefox, add-ons --> install add-ons --> https://addons.mozilla.org/firefox/downloads/file/1234567/goodaddon-1.0.01.xpi

A few months ago, we had to change our network-configuration. We were using a proxy before, but our proxy had direct access to the internet. Now our proxy forwards everything to another proxy. Since about that time, add-on-deployment via gpo doesn't work anymore. It could be something else, but i suspect the proxy-change.

I tried to deploy unc-paths, internal websites and different syntaxes; none of this works:

  • http://192.168.100.10/goodaddon-1.0.01.xpi
  • http://internalwebsite/goodaddon-1.0.01.xpi
  • https://192.168.100.10/goodaddon-1.0.01.xpi
  • https://internalwebsite/goodaddon-1.0.01.xpi
  • \\192.168.100.20\netshare\goodaddon-1.0.01.xpi
  • \\internalfileserver\netshare\goodaddon-1.0.01.xpi
  • file://///192.168.100.20/netshare/goodaddon-1.0.01.xpi
  • file://///internalfileserver/netshare/goodaddon-1.0.01.xpi

As you can see I tried using internal sites, so that no proxy would be needed. And I also added these sites to the allowed add-on-installation-sites (computer configuration, same group policy). The sites are all accessible; if I enter these addresses as url, firefox can access the xpi-file.

I know how to pack add-ons into the firefox-setup-file; that still works. But first of all, firefox is already installed on most of my clients. Second, after a fresh installation of firefox with this self-created package, all add-ons are installed, but not activated. And I would like to restrict activation/deactivation of add-ons via gpo.

  1. 1 Are there other ways to deploy add-ons in a domain-network (e.g. script-based)?
  2. 2 Are there any logs where I could find out what exactly goes wrong?
  3. 3 Are there any other syntaxes I could try (group policy urls)?
  4. 4 Can anyone guess what the problem is (why it is not working anymore)?

Help would be very much appreciated.

Best regards.

Asked by mozilla355 1 year ago

Answered by mozilla355 1 year ago

  • Archived

Firefox gives error message when launching on MAC

Every time Firefox is opened it gives an error message (see image). I have tried: Deleting and reinstalling. Deleting Firefox folder in //users/xxxxxxx/Library/Ap… (read more)

Every time Firefox is opened it gives an error message (see image).

I have tried:

  • Deleting and reinstalling.
  • Deleting Firefox folder in //users/xxxxxxx/Library/Application Support & //Library/Caches then uninstalling Firefox.
  • Both above using older Firefox versions.

This issue is happening on all of the Macs in our org. We have no custom configurations. The pkg is installed via FileWave device management. It occurs whether installed through FileWave or manually.

Thanks

Asked by twolf2286 2 years ago

Last reply by Mike Kaply 2 years ago

  • Archived

ESR 115 Windows - background update without user ever logging in or launching FF?

Hello, We want to run Firefox in our environment which is constantly scanned by a security scanner, and deducts points for applications which have a vulnerability that h… (read more)

Hello,

We want to run Firefox in our environment which is constantly scanned by a security scanner, and deducts points for applications which have a vulnerability that has an available patch, but the patch has not been installed. These are on shared Windows terminal servers. Firefox is one of two browsers, Edge being the other one.

If users do not launch firefox at least once, then Firefox never gets updated.

Yes, we have the background update service installed, but it sets itself to manual, and if I try to start it, it simply gives the error "error 1: incorrect function"

How can we configure Firefox 115ESR to be able to run this service automatically, check for updates, and install, without a user on a particular terminal server ever having launched the application once?

Asked by zach.heise 10 months ago

Last reply by Mike Kaply 8 months ago

How to Disable Saved Address and Credit Cards

During a client Audit earlier this week we were dinged on not having the option in Firefox ESR to block manually saving Addresses and Credit Cards. We have the autofill … (read more)

During a client Audit earlier this week we were dinged on not having the option in Firefox ESR to block manually saving Addresses and Credit Cards. We have the autofill disabled however users can still manually add credit cards and addresses and this poses an issue with our call center agents handling Credit Card info. I'd like to be able to gray out the Saved Addresses and Saved Credit Card boxes so as to prevent agents from manually entering card data into it using a GPO or Registry setting that we can push and apply to all our domain PCs. Ideally, if we could add an entry to the JSON preferences in the Mozilla GPO that would gray those options out that'd be best but any option that removes the users ability to add CC info would be acceptable.

Asked by rhall4 5 months ago

Last reply by rhall4 4 months ago

  • Solved
  • Archived

Intune ExtensionSettings Policy No Longer Working in Firefox

Hello, in Firefox browser, my organization has always blocked all extensions except for ones we allow through OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~fi… (read more)

Hello, in Firefox browser, my organization has always blocked all extensions except for ones we allow through OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings.

About a month ago this stopped working and our end users can now install any extension in the Firefox browser that they choose, without approval, creating a security risk.

When checking in about:policies, there is a policy error: Unable to parse JSON for ExtensionSettings. We have checked with Microsoft Intune support and they verified that the policy looks to be configured and targeted correctly.

Here is a snippet of our JSON, this is a test policy where microsoft support had us remove "about:addons" from the 'install sources'. Both test and production policies are not working.

<enabled/>
<data id="ExtensionSettings" value='
{
    "*": {
        "blocked_install_message": "Contact Service Line",
        "install_sources": ["https://addons.mozilla.org/*"],
        "installation_mode": "blocked",
        "allowed_types": ["extension"]
    },
    "cloudmetering@snowsoftware.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Snow Software/Inventory/Agent/FFCloudmetering.xpi"
    },
    "fpdlpffext2@forcepoint.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Websense/Websense Endpoint/winFFext.xpi"
    },
    "jid1-5AULKXLKGyjuLQ@jetpack": {
        "installation_mode": "allowed"
    },
    "abb@amazon.com": {
        "installation_mode": "allowed"
    },
    "ciscowebexstart1@cisco.com": {
        "installation_mode": "allowed"
    },
    "linkedinConverted@firefox-extension": {
        "installation_mode": "allowed"
    },
    "{7bc53591-5218-45a0-b572-4366979097fd}": {
        "installation_mode": "allowed"
    },
    "queryamoid@kaply.com": {
        "installation_mode": "allowed"
    },
    "jid1-93WyvpgvxzGATw@jetpack": {
        "installation_mode": "allowed"
    },

Is this a bug? Or something wrong with our configuration? Has firefox changed the requirements of the extensionsettings OMA-URI?

Thanks for any help in advance.

Asked by victoria.gray 1 year ago

Answered by victoria.gray 1 year ago

  • Archived

Preventing access to about: pages, specifically about:logins

Hi, I've been tasked to make some changes to the way users deal with logins and passwords in the office. So, in short, one of the issues is this: is there ANY way to dis… (read more)

Hi,

I've been tasked to make some changes to the way users deal with logins and passwords in the office. So, in short, one of the issues is this: is there ANY way to disable (I'd say "hide" is more accurate) the about:logins page on Firefox?

  • pref.privacy.disable_button.view_passwords (with a lock pref) in autoconfig only disables the "View saved logins" button in Settings.

As for policies:

  • a few policies for blocking about: pages do exist - BlockAboutAddons/Config/Profiles/Support, but can't find one, say, "BlockAboutLogins" or something like that.
  • PasswordManagerEnabled set to false disables the password manager completely, including about:logins, password autofill is disabled as well - not what I need.
  • WebsiteFilter, as expected, doesn't treat about: as a protocol, so it can't be done there either.


Any help is appreciated. Thanks in advance!

Asked by slavev16 1 year ago

Last reply by cor-el 1 year ago

  • Archived

Disable sync option configuration profile

Hi, We are currently looking for a configuration profile to disable the sync option to the users, we allow the users to sign in but not to sync the bookmarks, history, e… (read more)

Hi,

We are currently looking for a configuration profile to disable the sync option to the users, we allow the users to sign in but not to sync the bookmarks, history, etc.

We need to deploy this profile to all the users in our environment.

Regards, Jesus

Asked by J 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Firefox 102 with IBM Webseal PKI logon

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. T… (read more)

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. The issue we are experiencing is not my area of expertiese but no one in my org can find an answer so here I am.

We have not migrated our enterprise above Firefox ESR 91.x as of yet, we have some internal sites that use IBM Webseal to provide SSO and some of that functionality is broken in version 102.x and above. There are three options on the frontend page to use RSA token, PKI logon and username/password: each one a separate choice for the end user experience. RSA and Username/password work without issue but PKI logon does not, once you click on the logon button it is supposed to grab the certificate from your PKI card and use it to logon to the web application, but it does not seem to complete this process instead it proceeds to another page almost immediately that reads Error An attempt to authenticate with a client certificate failed. A valid client certificate is required to make this connection. Click here to return to the authentication page. DPWWA1124W A client certificate could not be authenticated. Our web developers have opened a ticket with IBM and from what I was told after troubleshooting and traffic capture, they never see the certificate make it to the backend for authentication and it is a Firefox issue because Google and MS Edge work just fine. Because of this IBM closed the case.

Has anyone experienced this issue and know of a fix or is there any suggestions as to what we can look for as an attempt to fix this issue? What has changed between version 91.x to 102.x ESR (we have tried the RRs and it is an issue there also)? Is this a bug in Firefox?

Asked by JohnVee 1 year ago

Last reply by JohnVee 1 year ago

  • Solved
  • Archived

Firefox ESR 91.12

Hello, Qualys is detecting Vulnerabilites on our Firefox ESR 91.12 Versions which were patched by MFSA2022-29. It is showing Vulnerabilities because MFSA2022-30 lists CV… (read more)

Hello, Qualys is detecting Vulnerabilites on our Firefox ESR 91.12 Versions which were patched by MFSA2022-29.

It is showing Vulnerabilities because MFSA2022-30 lists CVE's for ESR 102.X and we are on 91.12.

Is there anywhere I can go to get a list of all Vulnerabilities on 91.X to show our Security team, I believe CVE-2022-36314 and CVE-2022-2505 are not present in 91.12 because they are not listed in https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/ but need evidence

Thank You,

Asked by mriley1 1 year ago

Answered by Mike Kaply 1 year ago

  • Solved
  • Archived

how to disable common users to modify the settings of "No proxy for" in "Connection Settings"

I am an admin of some servers, i modify the proxy settings of firefox in a GPO, and it works, but now ont thing is that users can modify the settings of "No proxy for" in… (read more)

I am an admin of some servers, i modify the proxy settings of firefox in a GPO, and it works, but now ont thing is that users can modify the settings of "No proxy for" in Connection Settings, then add the urls, then users can access to any web site which they want to, is there a method to disable this? thanks.

Asked by fas910 1 year ago

Answered by Mike Kaply 1 year ago