Showing questions tagged: Show all questions

Deploying Firefox Developer Edition with Intune

I'm having trouble find clear directions online on how to import Firefox Developer Edition into my Intune App Catalog to deploy it to users. I was able to convert the .ex… (read more)

I'm having trouble find clear directions online on how to import Firefox Developer Edition into my Intune App Catalog to deploy it to users. I was able to convert the .exe installer into a .intunewin file but Intune won't import it for some reason. All the other directions i keep finding just direct me to creating a custom configuration policy around FireFox but it looks like it is just the basic Firefox for Enterprise.

I'm hoping to either get directed to actual directions for this or even a .msi installer for the developer edition. Does that exist?

Asked by sstroup970 5 months ago

Last reply by James 5 months ago

Support ECH or ESNI in 128.2.0esr

Hello, I installed Firefox 128.2.0esr. I set the next parameters in GPO for settings DNSOverHTTPS: "DNSOverHTTPS": { "Enabled": true, "Provi… (read more)

Hello,

I installed Firefox 128.2.0esr. I set the next parameters in GPO for settings DNSOverHTTPS: "DNSOverHTTPS": {

                      "Enabled":  true,

"ProviderURL": "https://safe.dot.dns.yandex.net/dns-query", "Locked": true, "Fallback": true }. But when checking via https://www.cloudflare.com/ru-ru/ssl/encrypted-sni/#results I get (screenshot in attachment). As you can see from the screenshot, DNS and SNI did not receive the coveted check marks. Secure DNS We weren’t able to detect whether you were using a DNS resolver over secure transport. Contact your DNS provider or try using 1.1.1.1 for fast & secure DNS. DNSSEC Attackers cannot trick you into visiting a fake website by manipulating DNS responses for domains that are outside their control. TLS 1.3 Nobody snooping on the wire can see the certificate of the website you made a TLS connection to. Secure SNI Anybody listening on the wire can see the exact website you made a TLS connection to.

In my browser / about:config: network.trr.mode = 2 network.trr.uri = https://safe.dot.dns.yandex.net/dns-query

In 128.2.0esr there is no protection against ESNI interceptions and ECH is enabled by default? Or is the problem that the DNS provider does not support the technology from Mozilla? Or what other settings we need use (via GPO)?

Thank you.

Asked by Mark Talala 2 months ago

Last reply by Valentin 2 months ago

Require device sign in to fill and mange passwords (mozilla.cfg)

Hi all I like to enforce the following setting "Require device sign in to fill and mange passwords" in the mozilla.cfg but I couldn't find the setting in about:config. … (read more)

Hi all

I like to enforce the following setting "Require device sign in to fill and mange passwords" in the mozilla.cfg but I couldn't find the setting in about:config.

Can anyone help?

Regards

Ogami

Asked by Ogami Itto (Gobi85) 4 months ago

Last reply by Mike Kaply 4 months ago

Firefox ESR Update

We use Firefox ESR in our environment today, Is it possible to have a policy that would display "update required" message to end-users, or have it automatically update wi… (read more)

We use Firefox ESR in our environment today, Is it possible to have a policy that would display "update required" message to end-users, or have it automatically update without users opening the browsers.

Asked by Ayodeji David 1 week ago

Last reply by Mike Kaply 1 week ago

Addon/Extension allow list with group policy

Hello! I manage our browser configuration for our enterprise. We use group policy to restrict browser addons until they clear our internal security review. I'm looking … (read more)

Hello!

I manage our browser configuration for our enterprise. We use group policy to restrict browser addons until they clear our internal security review.

I'm looking for a way to allow specific addons using group policy, while generally blocking everything else.

I've found the setting to enforce the installation of addons, but we'd like to avoid forcing every addon to install on every system as there would be overlap between things like password managers and such.

Is there a way to accomplish this?

Asked by ggroathouse 5 months ago

Last reply by Mike Kaply 5 months ago