• Solved

Is there any Group Policy for AutoSelectCertificateForUrls

Is there any parameter or group policy similar to Chrome "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]", as we implemented application… (read more)

Is there any parameter or group policy similar to Chrome "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]", as we implemented application with Certificate sign-in, it pop-up every time when navigating to different on-prem servers, we enabled Group policy for MSEdge & Chrome, but need to do same for Mozilla Firefox.

I need expert advice on this subject matter.

Regards,

Kamal Kiri

Asked by Kamal Kiri 1 week ago

Answered by Kamal Kiri 6 days ago

  • Solved
  • Archived

AutoConfig Alert

Good morning, I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues … (read more)

Good morning,

I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues on the web and found similar issues but solutions that were recommend online have not worked for us. Yes I have uninstalled Firefox completely and installed it from scratch. I know it has something to do with autoconfig file but not sure what exactly I'm looking for. Thanks.

Asked by Chase Cathey 2 years ago

Answered by jscher2000 - Support Volunteer 2 years ago

Folder redirection conflicts synchronization firefox profile

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means th… (read more)

Welcome, We are implementing redirected folders in our company via Widnows Server. We are also redirecting the Appdata folder. We have offline mode enabled which means that the folders are synchronised every 5 minutes. The synchronised Appdata folder has a Firefox profile which causes a lot of conflicts. Every time the folder is synced there are conflicts like "Both versions have been updated since the last sync" or "Cannot sync now. Try again". I attach a screen shot of how much of this there is. No other applications cause such errors. Only Firefox blocks us from a large deployment. If the problem cannot be resolved we will be forced to abandon the FireFox browser altogether. Has anyone had a similar problem?

Asked by sebastian.pawlowski 4 months ago

Last reply by Mike Kaply 3 months ago

  • Archived

ESR 115 Windows - background update without user ever logging in or launching FF?

Hello, We want to run Firefox in our environment which is constantly scanned by a security scanner, and deducts points for applications which have a vulnerability that h… (read more)

Hello,

We want to run Firefox in our environment which is constantly scanned by a security scanner, and deducts points for applications which have a vulnerability that has an available patch, but the patch has not been installed. These are on shared Windows terminal servers. Firefox is one of two browsers, Edge being the other one.

If users do not launch firefox at least once, then Firefox never gets updated.

Yes, we have the background update service installed, but it sets itself to manual, and if I try to start it, it simply gives the error "error 1: incorrect function"

How can we configure Firefox 115ESR to be able to run this service automatically, check for updates, and install, without a user on a particular terminal server ever having launched the application once?

Asked by zach.heise 9 months ago

Last reply by Mike Kaply 8 months ago

  • Archived

Bypass UAC prompts through GPO settings

We are currently attempting to automate our Firefox update processes. Currently we use robocopy to push out new versions on release, but ideally we'd like to use the back… (read more)

We are currently attempting to automate our Firefox update processes. Currently we use robocopy to push out new versions on release, but ideally we'd like to use the background updater instead. We are currently on 64-bit 119.0.1, on Windows 10 Pro 22H2. We'd prefer not to switch over to ESR if at all possible. I've already reactivated the AppAutoUpdate and BackgroundAppUpdate policies, and DisableAppUpdate is disabled, but I'm still being hit with a UAC Admin prompt when I try to launch Firefox. I tried to bypass it through the registry at [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers], with "C:\Program Files\Mozilla Firefox\firefox.exe" = "RUNASINVOKER", but that also doesn't seem to have done anything. Any and all assistance would be appreciated

Asked by ddrake1 7 months ago

Last reply by Mike Kaply 7 months ago

  • Solved
  • Archived

Configure Firefox to always show menu bar, for all users

We are looking to mass deploy Firefox x64 for Windows to all staff in our organization, using SCCM. I know you can set a default home page in mozilla.cfg for all users, i… (read more)

We are looking to mass deploy Firefox x64 for Windows to all staff in our organization, using SCCM. I know you can set a default home page in mozilla.cfg for all users, including future users who don't yet have a profile on the computer Firefox is installed on. Is there a similar option so I can configure Firefox to always show the menu bar for all users? Preferably, another line I can add to mozilla.cfg so that I can easily copy that to all our machines? Thanks.

Asked by rick.sparrow 1 year ago

Answered by cor-el 1 year ago

  • Archived

Rapid Risk Assessment Tool

Good morning, Can you please answer some questions regarding the Rapid Risk Assessment tool that is available at the following link: https://infosec.mozilla.org/guideli… (read more)

Good morning,

Can you please answer some questions regarding the Rapid Risk Assessment tool that is available at the following link:

https://infosec.mozilla.org/guidelines/risk/rapid_risk_assessment.html

1. Will any information input into the tool be hosted within the United Kingdom's Servers? 2. Can you please clarify if any information submitted to the RRA toll is retained on your Servers? 3. Is there the option to configure the tool so that no information submitted is retained after the session has terminated.

Kind Regards,

Mark Gormley.

Asked by mark.gormley 1 year ago

Last reply by hwine+amo 1 year ago

  • Archived

in a corporate environment, using Kerberos authentication to authenticate AD user to OKTA (IdP) via Firefox

We have used Firefox in our environment for well over a year in the configuration explained here: https://help.okta.com/en-us/content/topics/directory/ad-dsso-configure-b… (read more)

We have used Firefox in our environment for well over a year in the configuration explained here: https://help.okta.com/en-us/content/topics/directory/ad-dsso-configure-browsers.htm

OKTA is our Identity provider to do Single Sign on to our SaaS applications.

today when version 118 rolled out, this functionality stopped working. Can you help me to get this working again. Chrome and Edge are not affected, so we have options, but we would really like to use Firefox.

Thanks so much for your help

Scott

Asked by Scott Voll 9 months ago

Last reply by Mike Kaply 9 months ago

  • Archived

Firefox clearkey addon crash when Applocker is in use drm content does not work.

We have Firefox-ESR in use and we are using Applocker. When we enable applocker dll Rule policys and start https://shaka-player-demo.appspot.com page clearkey addon cra… (read more)

We have Firefox-ESR in use and we are using Applocker.

When we enable applocker dll Rule policys and start https://shaka-player-demo.appspot.com page clearkey addon crashes.

We have allowed widevinedrm.dll in applocker rule policys, and we have used Process Monitor to track which dll file / files are being "locked" but we cant seem to pinpoint it.

Where does Firefox-ESR run DRM content and which dll files are needed to run ?

What we know that it is caused by applocker DLL rule policys, when disabling it clearkey addon does not crash and drm content can be played.

Also Applocker eventlogs does not show anything related to this.

br Ben

Asked by chef 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Why do SanitizeOnShutdown and Preferences look different from other policies on the Enterprise Policies page?

Are these supposed to look different, or am I just doing something wrong? In the image I included here, SanitizeOnShutdown and Preferences look different from FirefoxHome… (read more)

Are these supposed to look different, or am I just doing something wrong? In the image I included here, SanitizeOnShutdown and Preferences look different from FirefoxHome and look incorrect. I removed other policies to make this simpler, but all of the other policies with multiple policy values look just like FirefoxHome. It appears that SanitizeOnShutdown is at least working since my history is indeed getting cleared on shutdown, but I'm unsure whether this actually works when I set these to the settings they should be since they should all be false other than Locked. Am I doing something wrong here or are these two policies supposed to look like that for some reason? Thank you in advance for the help!

``` {

   "policies": {

"DisablePrivateBrowsing": true,

       "SanitizeOnShutdown": {
           "Cache": false,
           "Cookies": false,
           "Downloads": false,
           "FormData": false,
           "History": true,
           "Sessions": false,
           "SiteSettings": false,
           "OfflineApps": false,

"Locked": true

       },
       "FirefoxHome": {
           "TopSites": false,
           "Search": false,
           "SponsoredTopSites": false,
           "Pocket": false,
           "SponsoredPocket": false,
           "Highlights": false,
           "Snippets": false,
           "Locked": true
       }

"Preferences": {

   	    "browser.contentblocking.category": {
   			"Value": "strict",
   			"Status": "locked"
   		},
   		"extensions.htmlaboutaddons.recommendations.enabled": {
   		    "Value": false,
   		    "Status": false
   		}

}

   }

} ```

Asked by Terwassolam21434 11 months ago

Last reply by Terwassolam21434 10 months ago

  • Archived

Intune Bookmarks

Been managing bookmarks for users through Intune, but for some reason on my HP Elitebook 840 I keep getting an error "Unable to parse JSON for ManagedBookmarks" I haven't… (read more)

Been managing bookmarks for users through Intune, but for some reason on my HP Elitebook 840 I keep getting an error "Unable to parse JSON for ManagedBookmarks" I haven't changed anything to the bookmarks before swapping to the HP laptop from a Dell 5410. I have double-checked GitHub for the proper string for bookmarks and everything looks to be correct as well as submitting a support case with Microsoft who checked it and say it is something on Firefox's side that needs fixing.

I am also constantly getting this unknown extension setting. Not sure why I have this or where I can remove it.

ExtensionSettings {"firefoxhpsureclicksecurebrowsing@bromium.com":{"installation_mode":"blocked"},"firefoxhpwolfsecurityextension@bromium.com":{"installation_mode":"blocked"}}

Asked by aclawson 1 year ago

Last reply by Mike Kaply 1 year ago

Looking to customize Firefox application via Intune Plist

Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet. I was able to create a plist file for macs, and it was "deployed successf… (read more)

Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet.

I was able to create a plist file for macs, and it was "deployed successfully" according to Intune, but no changes actually happened on my test machines.

I've uploaded a redacted version of the used plist.

Anyone out there have any ideas?

Asked by jmajors50 4 months ago

Last reply by Mike Kaply 4 months ago

How to disable welcome back notification?

Seems to be new in 122.0 because i never received that before. It asks if you want to open links with Firefox and if you do, it sets file associations for htm / html and … (read more)

Seems to be new in 122.0 because i never received that before. It asks if you want to open links with Firefox and if you do, it sets file associations for htm / html and things like that. However in a company environment i want to supress that notification

Asked by Tynth 5 months ago

Last reply by Mike Kaply 5 months ago

  • Archived

How to prevent browser extension installation and allow only approved extensions to install

Hi i need to know how to achieve the following using windows 10 registry. 1. Block Extension installations and disable existing installed extensions. 2. Allow only app… (read more)

Hi

i need to know how to achieve the following using windows 10 registry.

1. Block Extension installations and disable existing installed extensions.

2. Allow only approved extensions so that users could install it from the store.

These settings were able to configure easily for Chrome and Edge browsers.

Thanks Muja

Asked by muja1913 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

How can I allow certain host permissions to each user machine installation as an organization admin

I have one extension to be installed on the enterprise network machines. There are host permissions required to access All websites data. How can I, as an Admin, enable… (read more)

I have one extension to be installed on the enterprise network machines. There are host permissions required to access All websites data. How can I, as an Admin, enable this host permissions for the installation ?

Asked by Morankar 1 year ago

Last reply by Mike Kaply 11 months ago

  • Archived

GPO questions

I am wondering if I can get some help configuring some GPO for Firefox on our new domain we are building. I want to be able to block private browsing as well as I was won… (read more)

I am wondering if I can get some help configuring some GPO for Firefox on our new domain we are building. I want to be able to block private browsing as well as I was wondering if there is an option to force firefox to sign in with certain accounts only so we can monitor students as we are a school district

Asked by ericbenavidez 1 year ago

Last reply by Mike Kaply 1 year ago

I am working for an Organization.

HI Team, I am working for an organization, members have different versions installed and need help to uninstall the Firefox completely, Member able to see the applicatio… (read more)

HI Team,

I am working for an organization, members have different versions installed and need help to uninstall the Firefox completely, Member able to see the application installed in Apps and features and but files do not exist in program files or program files x86, please someone please contact me for my queries [removed phone# from support forum]. my email id [edited] @gmail.com

The script is not removing the application

IF EXIST "%ProgramFiles%\Mozilla Firefox\" ( "%ProgramFiles%\Mozilla Firefox\uninstall\helper.exe" /s )

IF EXIST "%Program Files (x86)%\Mozilla Firefox\" ( "%Program Files (x86)%\Mozilla Firefox\uninstall\helper.exe" /s )

Asked by siji monish karial 4 months ago

Last reply by Mike Kaply 4 months ago

  • Archived

I need to prepopulate a set of bookmarks in Firefox, is that possible?

Hi, I would like to migrate my 5000 users over onto FF. One of the requirements is to preload bookmarks for these users, something we can do with Chrome already. We are r… (read more)

Hi, I would like to migrate my 5000 users over onto FF. One of the requirements is to preload bookmarks for these users, something we can do with Chrome already. We are running on Windows devices and use an ADMX and an XML (listing the bookmarks and folders) to push this policy via InTune. I can't find any means of replicating it in FF... is it possible?

Asked by adam164 12 months ago

Last reply by Mike Kaply 11 months ago

  • Archived

Firefox Bookmarks GPO Using JSON

I am using the most recent Firefox ADMX templates and I am unable to get bookmarks to show up using JSON. I have verified that the GPO is applied, and there is a registry… (read more)

I am using the most recent Firefox ADMX templates and I am unable to get bookmarks to show up using JSON. I have verified that the GPO is applied, and there is a registry key being created under the user's profile, however it is not the right registry key.

The key it is creating: SOFTWARE\Policies\Mozilla\Firefox\Bookmarks Type: Reg_Multi-SZ


If I rename this registry key from Bookmarks to ManagedBookmarks, the bookmarks show up and work as intended.

I do not see "ManagedBookmarks" in the GPO anywhere. If I am not setting "ManagedBookmarks" in the correct location then please show me where I am supposed to set them. I am tempted to just modify the ADMX template and have it create the registry key "ManagedBookmarks" instead of "Bookmarks" as that seems to work, but I can't imagine this is how the devs wanted this.

Asked by tmgordon 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Looking for End Of Life (EOL) dates

We have about 35 versions of firefox running across the enterprise (38 to 91) and I have been tasked to update the EOL dates for all versions we have to help bring things… (read more)

We have about 35 versions of firefox running across the enterprise (38 to 91) and I have been tasked to update the EOL dates for all versions we have to help bring things up to speed and know what is/is not supported.

I found this page with release dates (https://www.mozilla.org/en-US/firefox/releases/) but nothing about when a version has reached it's EOL. Any help would be appreciated.

Asked by david.burrows 1 year ago

Last reply by James 1 year ago