- Archived
Why is config tls.version.enable-deprecated not in ADMX template
Why is the config option security.tls.version.enable-deprecated not defined in the latest (4.7) ADMX template?
Why is the config option security.tls.version.enable-deprecated not defined in the latest (4.7) ADMX template?
Bonjour, Je travaille dans un musée. Nous utilisons Firefox sur des pc accessibles pour le public. Comment accéder à "aboutNetErrorCodes.js" pour l'éditer. Je souhaite re… (read more)
Bonjour, Je travaille dans un musée. Nous utilisons Firefox sur des pc accessibles pour le public. Comment accéder à "aboutNetErrorCodes.js" pour l'éditer. Je souhaite remplacer le message par défaut de Firefox et rediriger vers une une page en local. Merci pour votre aide. Yves
Hi i need to know how to achieve the following using windows 10 registry. 1. Block Extension installations and disable existing installed extensions. 2. Allow only app… (read more)
Hi
i need to know how to achieve the following using windows 10 registry.
1. Block Extension installations and disable existing installed extensions.
2. Allow only approved extensions so that users could install it from the store.
These settings were able to configure easily for Chrome and Edge browsers.
Thanks Muja
I would like to prevent users to navigate on the Linux system when they view a PDF and then use the Save option. The "PDFjs" policy enables or disables the PDF Viewer but… (read more)
I would like to prevent users to navigate on the Linux system when they view a PDF and then use the Save option. The "PDFjs" policy enables or disables the PDF Viewer but does not control the built-in PDF Viewer menus.
When I type about:policies, I get "The Enterprise Policies service is inactive". I'm trying to validate my configuration against Firefox STIGs which require certain of th… (read more)
When I type about:policies, I get "The Enterprise Policies service is inactive". I'm trying to validate my configuration against Firefox STIGs which require certain of these policies to be set. So what does this message actually mean? Does it mean no policies are set? Are they set somewhere else? I have Windows Server 2016. Thank you.
Is there a way to force Firefox updates within a specified time window via group policy? The ADMX templates appear to allow enabling or disabling updates or enforcing bac… (read more)
Is there a way to force Firefox updates within a specified time window via group policy? The ADMX templates appear to allow enabling or disabling updates or enforcing background updates, but we are not seeing an option in Group Policy to configure a delay or time window for searching for app updates.
Hello, We have a vulnerability scanner in our environment that tells us when Firefox needs to be updated. We found that in order to update it, we need to go the settings… (read more)
Hello,
We have a vulnerability scanner in our environment that tells us when Firefox needs to be updated. We found that in order to update it, we need to go the settings tab and then to the updates portion of the menu to initiate the update. After this we are asked to restart. Any way to avoid this entire process?
we have VDI environment where certificates are not reflecting in Firefox browser for all users.
Hi, I'm blocked because for my company i have to make a GPO that will setup the default handler for pdf files. I picked up different codes on internet but it went the sa… (read more)
Hi,
I'm blocked because for my company i have to make a GPO that will setup the default handler for pdf files. I picked up different codes on internet but it went the same way for all of them, it didn't work. Im pretty sure that's not a GPO application issue because actually all the others setings are working perfectly.
The json code was paste on the Handlers settings as u can see in the attachement.
Hopefully that i will find help there.
Cordially.
Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one. Thanks Raju … (read more)
Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one.
Thanks Raju
Can we set up these gpo`s so that there is a check for dependencies? Windows (GPO) Software\Policies\Mozilla\Firefox\SecurityDevices\Add\NAME_OF_DEVICE_TO_ADD = PATH_TO… (read more)
Can we set up these gpo`s so that there is a check for dependencies?
Windows (GPO)
Software\Policies\Mozilla\Firefox\SecurityDevices\Add\NAME_OF_DEVICE_TO_ADD = PATH_TO_LIBRARY_FOR_DEVICE Software\Policies\Mozilla\Firefox\SecurityDevices\Remove\1 = NAME_OF_DEVICE_TO_REMOVE
Thank you.
I am pushing out bookmarks company-wide through Intune on users Laptops. I spoke with Microsoft support and the configuration policy is created correctly and I followed F… (read more)
I am pushing out bookmarks company-wide through Intune on users Laptops. I spoke with Microsoft support and the configuration policy is created correctly and I followed Firefox's support page in creating them. It seems that the new JSON script that tells Firefox what bookmarks is unable to parse.
Anyone know if Firefox had an update that prevents intune from sending the JSON file?
Error message given through firefox.
"Unable to parse JSON for ManagedBookmarks"
We have put user and computer startup scripts to detect and delete firefox from our enterprise customers. Firefox cannot be kept SAFe through InfoSec. InfoSec and SAFe r… (read more)
We have put user and computer startup scripts to detect and delete firefox from our enterprise customers. Firefox cannot be kept SAFe through InfoSec.
InfoSec and SAFe require the business be in charge of security which is what our customers understand. They constantly find firefox out of date and vulnerable. We have tried over and over to use the firefox admx files to force background update both at the computer and user OUs but find that users can uncheck the box and it remains vulnerable and out of compliance. Edge and Chrome can be controlled by the business (not end user) through group policy and kept up to date and we never find either out of date by implementing our policies.
Firefox constantly tells end users how to check the boxes and no group policy can enforce them as we don't see the registry updated even though we even put a registry patch in, firefox is still in the control of the end user and not SAFe. If you don't know what I mean by SAFe, check this out.
When setting Windows to "Require DoH", firefox will not resolve DNS addresses, regardless of which "Enable secure DNS" setting is picked in FireFox security settings tab.… (read more)
When setting Windows to "Require DoH", firefox will not resolve DNS addresses, regardless of which "Enable secure DNS" setting is picked in FireFox security settings tab.
I expected at least "Off -- Use your default DNS resolver" to work.
If Windows is configured to just "Allow DoH", Firefox has no issues resolving DNS addresses, for any of the Firefox policy settings.
For reference, you can find the DoH policy setting in windows group policy editor, here:
gpedit.msc
Computer Configuration -> Administrative Templates -> Network -> DNS Client -> Configure DNS over HTTPS
(Have to enable it, then select Configure DoH options: Require DoH.)
you may need to issue a gpupdate /force for the setting to be picked up quickly.
I'm looking to allow the CyberArk extension for FireFox, via our GPO. I am not seeing the application ID for the extension, which is needed. I'm hoping that you folks ca… (read more)
I'm looking to allow the CyberArk extension for FireFox, via our GPO. I am not seeing the application ID for the extension, which is needed.
I'm hoping that you folks can provide that ID.
Thanks!
Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet. I was able to create a plist file for macs, and it was "deployed successf… (read more)
Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet.
I was able to create a plist file for macs, and it was "deployed successfully" according to Intune, but no changes actually happened on my test machines.
I've uploaded a redacted version of the used plist.
Anyone out there have any ideas?
Is there a way to trigger a Firefox browser update through command line or script? I need to trigger an update across a few hundered computers and I can do this, but thr… (read more)
Is there a way to trigger a Firefox browser update through command line or script? I need to trigger an update across a few hundered computers and I can do this, but through command line or script automation. What is the command line syntax to do this, if there is any?
Thank you for your help
Hi, I would like to migrate my 5000 users over onto FF. One of the requirements is to preload bookmarks for these users, something we can do with Chrome already. We are r… (read more)
Hi, I would like to migrate my 5000 users over onto FF. One of the requirements is to preload bookmarks for these users, something we can do with Chrome already. We are running on Windows devices and use an ADMX and an XML (listing the bookmarks and folders) to push this policy via InTune. I can't find any means of replicating it in FF... is it possible?
I'm setting up addon installation through `policy.json`. Below is an example. I am wondering howto configure addons thus installed using the same file. Is it possible? If… (read more)
I'm setting up addon installation through `policy.json`. Below is an example. I am wondering howto configure addons thus installed using the same file. Is it possible? If yes: where to find addon-specific keys/options? As an example: when providing below `policy.json`, starting any fresh firefox profile/installation produces the dialog "Startpage.com - Private Search Engine would like to change your default search engine from Google to Startpage.com - English. Is that OK?", followed by yes/no buttons. I would like to be able to just make the addon do so forgoing the dialog.
Thanks for any pointers.
{
"policies": { "ExtensionSettings": { "*": { "blocked_install_message": "Installation of extensions only allowed from 'policy.json'.", "installation_mode": "blocked" }, "{20fc2e06-e3e4-4b2b-812b-ab431220cada}": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/startpage-private-search/latest.xpi" } }, "ExtensionUpdate": true }
}
Seems to be new in 122.0 because i never received that before. It asks if you want to open links with Firefox and if you do, it sets file associations for htm / html and … (read more)
Seems to be new in 122.0 because i never received that before. It asks if you want to open links with Firefox and if you do, it sets file associations for htm / html and things like that. However in a company environment i want to supress that notification