Unable to disable DNS OVER HTTPS
Hi team ,
We are en enterprise with more than 50k devices , we want to disable "dns over https " for firefox .
I have tested , by applying a locala GPO which creates following registry , Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled =0
referred https://github.com/mozilla/policy-templates/blob/master/README.md#DNSOverHTTPS
after apply"ting this local GPO , registry is created and on browser as welll , in about:policies , it shows this policy but when checking on s=browser settings "ENABLE DNS OVER HTTPS " is still enabled .
Please help , have tried a lot , it does not work and disabling this DOH is very important for us Many thanks
All Replies (3)
The Enabled setting alone essentially acts like a default value. If the user already has DNS Over HTTPS enabled, the GPO isn't going to override that. It will only do so if you also have the Locked value set to enabled.
In that case, the DNS Over HTTPS will be disabled and the user will not be able to change that setting, which sounds like what you want to do anyway.
Hope this helps.
Hi Wesley ,
Thanks for your response.
Have just tried locked policy as well , seems policy is again making registry changes and visible in about:policies and now good thing is when i foto settings in browser , there is an info button at the top which says " Your browser is being managed by your organization." but when checking for DNSOverHttps , it is still accessible and not in the locked state ?
Can u please suggest , where its gong wrong?
Note : I did this test on a fresh machine , installed Morzilla for the first time on this machine and did'nt enabled DNSOVERHTTPS , jyust applied local GPO to lock it .
I just ran a quick check and it's working for me. I've attached a screenshot with my settings and what I'm seeing.
When you go to about:config, what is the value for network.trr.mode and is it locked (disabled)?