Форум поддержки Корпоративный Firefox

Hello, ever since we moved endpoints from Firefox ESR 91.13 to 102.3, it has become impossible to play any media with Firefox.

No video will play in youtube, for instance (it just loads endlessly as if it would start, but it doesn't).

Can't use radio websites either. Anything with a "play" button (video or sound) does nothing.

This has been tested with a clean profile, a clean install, after allowing autoplay in the settings.

Is there any info on what exactly changed between ESR 91 and 102 that might explain this ? There has been no system change, If I reinstall 91 instead it works again as usual.

No issues anywhere else on the endpoints (Edge, Windows), this is on Windows 10 if it makes any difference.

Tanks for any help on this.

Good morning,

I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues on the web and found similar issues but solutions that were recommend online have not worked for us. Yes I have uninstalled Firefox completely and installed it from scratch. I know it has something to do with autoconfig file but not sure what exactly I'm looking for. Thanks.

I am currently creating new Images for our touch kiosks and would like to use Firefox.

Sadly I am confronted with some problems / strange behaviour.

I want to set up a windows Kiosk with Firefox as shell application. So far this worked but the Firefox window opens around 5 times at every restart, also it does not open again if it is closed. The reopening is a feature of the eshell which reacts to the exit code of the Application. Is there anything you know what causes these behaviours? Google chrome does nothing of these things and simply gets restarted if it is closed, as it should.

The second thing is, the built in Kiosk mode is great but our Application at least needs tabs. Is it possible without too much of a hassle to create such a locked down experience? I'd like to do it with a policy or settings file and not to create my own browser out of firefox, maybe there's a way I have overseeen.

I'd really like to do it with firefox as I personally always had a great experience and I trust the team behind it. Thank you for your support beforehand!

I am trying to use a policies.json file to include a certificate for my own website using a certificate stored online, but not locally. Would it be possible to do so using code similar to below: {

   "policies": {
   "Certificates": {
       "ImportEnterpriseRoots": true,
       "Install" [
           "cert_name",
           "http://www.xxxxxxxx.com/xxxxx/xxxxx.der"
                  ]
            }
       }
   }

Any help would be greatly appreciated.

Hello,

I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: User configuration, administrative templates, mozilla, firefox, add-ons --> install add-ons --> https://addons.mozilla.org/firefox/downloads/file/1234567/goodaddon-1.0.01.xpi

A few months ago, we had to change our network-configuration. We were using a proxy before, but our proxy had direct access to the internet. Now our proxy forwards everything to another proxy. Since about that time, add-on-deployment via gpo doesn't work anymore. It could be something else, but i suspect the proxy-change.

I tried to deploy unc-paths, internal websites and different syntaxes; none of this works:

• http://192.168.100.10/goodaddon-1.0.01.xpi
• http://internalwebsite/goodaddon-1.0.01.xpi
• https://192.168.100.10/goodaddon-1.0.01.xpi
• https://internalwebsite/goodaddon-1.0.01.xpi
• \\192.168.100.20\netshare\goodaddon-1.0.01.xpi
• \\internalfileserver\netshare\goodaddon-1.0.01.xpi
• file://///192.168.100.20/netshare/goodaddon-1.0.01.xpi
• file://///internalfileserver/netshare/goodaddon-1.0.01.xpi

As you can see I tried using internal sites, so that no proxy would be needed. And I also added these sites to the allowed add-on-installation-sites (computer configuration, same group policy). The sites are all accessible; if I enter these addresses as url, firefox can access the xpi-file.

I know how to pack add-ons into the firefox-setup-file; that still works. But first of all, firefox is already installed on most of my clients. Second, after a fresh installation of firefox with this self-created package, all add-ons are installed, but not activated. And I would like to restrict activation/deactivation of add-ons via gpo.

1. 1 Are there other ways to deploy add-ons in a domain-network (e.g. script-based)?
2. 2 Are there any logs where I could find out what exactly goes wrong?
3. 3 Are there any other syntaxes I could try (group policy urls)?
4. 4 Can anyone guess what the problem is (why it is not working anymore)?

Help would be very much appreciated.

Best regards.

Hello, in Firefox browser, my organization has always blocked all extensions except for ones we allow through OMA-URI ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings.

About a month ago this stopped working and our end users can now install any extension in the Firefox browser that they choose, without approval, creating a security risk.

When checking in about:policies, there is a policy error: Unable to parse JSON for ExtensionSettings. We have checked with Microsoft Intune support and they verified that the policy looks to be configured and targeted correctly.

Here is a snippet of our JSON, this is a test policy where microsoft support had us remove "about:addons" from the 'install sources'. Both test and production policies are not working.

<enabled/>
<data id="ExtensionSettings" value='
{
    "*": {
        "blocked_install_message": "Contact Service Line",
        "install_sources": ["https://addons.mozilla.org/*"],
        "installation_mode": "blocked",
        "allowed_types": ["extension"]
    },
    "cloudmetering@snowsoftware.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Snow Software/Inventory/Agent/FFCloudmetering.xpi"
    },
    "fpdlpffext2@forcepoint.com": {
        "installation_mode": "force_installed",
        "install_url": "file:///C:/Program Files/Websense/Websense Endpoint/winFFext.xpi"
    },
    "jid1-5AULKXLKGyjuLQ@jetpack": {
        "installation_mode": "allowed"
    },
    "abb@amazon.com": {
        "installation_mode": "allowed"
    },
    "ciscowebexstart1@cisco.com": {
        "installation_mode": "allowed"
    },
    "linkedinConverted@firefox-extension": {
        "installation_mode": "allowed"
    },
    "{7bc53591-5218-45a0-b572-4366979097fd}": {
        "installation_mode": "allowed"
    },
    "queryamoid@kaply.com": {
        "installation_mode": "allowed"
    },
    "jid1-93WyvpgvxzGATw@jetpack": {
        "installation_mode": "allowed"
    },

Is this a bug? Or something wrong with our configuration? Has firefox changed the requirements of the extensionsettings OMA-URI?

Thanks for any help in advance.

Hello, Qualys is detecting Vulnerabilites on our Firefox ESR 91.12 Versions which were patched by MFSA2022-29.

It is showing Vulnerabilities because MFSA2022-30 lists CVE's for ESR 102.X and we are on 91.12.

Is there anywhere I can go to get a list of all Vulnerabilities on 91.X to show our Security team, I believe CVE-2022-36314 and CVE-2022-2505 are not present in 91.12 because they are not listed in https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/ but need evidence

Thank You,

Hello,

we have some trouble in our Enterprise Environment with tls 1.3 and 0rtt data. The integrated google search and other websites doesnt work as they should (Pages doesnt load and stay white).

So we want to turn of "security.tls.enable_0rtt_data" with Group Policy. But i cannot find a switch for this setting.

When i try to set security.tls.enable_0rtt_data with Preferences in GPO it doesnt work (old Preferences is empty) { "security.tls.enable_0rtt_data": { "Value": false, "Status": "locked" } }

With Preferences i am able to configure security.tls.hello_downgrade_check, but not security.tls.enable_0rtt_data

The only workaround would be to disable tls 1.3 completely and use tls 1.2. (security.tls.version.max = 3) Is there a solution for this?

Regards, Michael

Hello world,

This problem is sticking for a year now. We even switched to ESR thinking it will fixed the problem but to no avail. After a bunch of test, I've finally decided to post and ask for help. Tests have been done on macos 11.6 fresh vanilla install, no encryption (no filevault, I hate it), and Firefox 91.1.0esr (64 bits), but problem is the same since version 75 + (no problem seen on windows or linux) If I don't use Profiles Manager, at each launch of Firefox a new profile is created with no import from former profiles. If I do use Profiles Manager, I can keep on choosing my default profile, and no new ones are created, BUT new install is added to install.ini and profiles.ini. All tests have been done with the exact same firefox (i mean, application is the same and correctly installed in the /Applications of macos).

Here is the profiles.ini

[Install5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Profile0] Name=default-esr IsRelative=1 Path=Profiles/ucaeqkrb.default-esr Default=1

[General] StartWithLastProfile=0 Version=1

[InstallF5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Install7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

And the installs.ini

[5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[F5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

As you can see each launch of Firefox created a new hash of installation (even if same it's always the same firefox version). As long as I choose my default profile in profiles manager, I can keep it. If I switch to default comportment, I will get a new profile at each launch (as it see en new install hash) and it will not import former profiles (even if it's from the same or an older version).

So I'm wandering, why Firefox keeps on adding a news install hash on each launch, and/or how can I prevent it from doing it.

Hello, I ve tried to block file:///c:/ in Firefox Quantum release 60.4.0esr(32-bit) by the above .json with no results. I ve also tried to block it in a newer release and it was fine (78.15.0esr (32-bit)). Is anything i can do to block it in this particular version i m using(60.4.0esr(32-bit))?

Thank you

{ "policies": { "WebsiteFilter": { "Block": ["file:///C:/*"] } } }

Hi,

We've GPOs in place for Edge and Chrome that set said browsers on all our Windows endpoints to open downloaded ICA files in Citrix Workspace.

I've imported the firefox.admx and mozilla.admx file along with assocaited .adml files, checked Github, checked through the GPO settings yet cannot figure out how to do the same with Firefox.

Is there a Mozila Firefox for Windows GPO ADMX setting I can use to control the "Firefox>Settings>General>Files and Applications>Applications" section to add "Content type: ica | Action: Use Citrix Workspace"?

Thanking you....

Hello, I am trying to customize the Firefox Homepage XML file and need some assistance as to what fields need to modified with the url to set the default homepage. Please let me know if you have any questions. Thanks

<plist version="1.0"> <dict> <key>EnterprisePoliciesEnabled</key> <true/> <key>AllowedDomainsForApps</key> <string>managedfirefox.com,example.com</string> <key>AppAutoUpdate</key> <true/> <key>AppUpdateURL</key> <string>https://www.example.com/update.xml</string> <key>Authentication</key> <dict> <key>SPNEGO</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>Delegated</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>NTLM</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>AllowNonFQDN</key> <dict> <key>SPNEGO</key> <true/> <key>NTLM</key> <true/> </dict> <key>AllowProxies</key> <dict> <key>SPNEGO</key> <true/> <key>NTLM</key> <true/> </dict> <key>PrivateBrowsing</key> <true/> <key>Locked</key> <true/> </dict> <key>AutoLaunchProtocolsFromOrigins</key> <array> <dict> <key>protocol</key> <string>zoommtg</string> <key>allowed_origins</key> <array> <string>https://somesite.zoom.us</string> </array> </dict> </array> <key>BlockAboutAddons</key> <true/> <key>BlockAboutConfig</key> <true/> <key>BlockAboutProfiles</key> <true/> <key>BlockAboutSupport</key> <true/> <key>Bookmarks</key> <array> <dict> <key>Title</key> <string>Example1</string> <key>URL</key> <string>https://www.example.org</string> <key>Favicon</key> <string>https://www.example.org/favicon.ico</string> <key>Placement</key> <string>toolbar</string> <key>Folder</key> <string>Example1Folder</string> </dict> <dict> <key>Title</key> <string>Example2</string> <key>URL</key> <string>https://www.example.com</string> <key>Favicon</key> <string>https://www.example.com/favicon.ico</string> <key>Placement</key> <string>menu</string> <key>Folder</key> <string>Example2Folder</string> </dict> </array> <key>CaptivePortal</key> <false/> <key>Certificates</key> <dict> <key>ImportEnterpriseRoots</key> <true/> <key>Install</key> <array> <string>cert1.der</string> <string>cert2.pem</string> </array> </dict> <key>Cookies</key> <dict> <key>Allow</key> <array> <string>https://www.example.org/</string> </array> <key>Allowsession</key> <array> <string>https://www.example.edu/</string> </array> <key>Block</key> <array> <string>https://www.example.edu/</string> </array> <key>Behavior</key> <string>limit-foreign</string> <key>Locked</key> <true/> </dict> <key>DefaultDownloadDirectory</key> <string>${home}/Downloads</string> <key>DownloadDirectory</key> <string>${home}/Downloads</string> <key>DNSOverHTTPS</key> <dict> <key>Enabled</key> <false/> <key>ProviderURL</key> <string>URL_TO_ALTERNATE_PROVIDER</string> <key>Locked</key> <true/> <key>ExcludedDomains</key> <array> <string>example.com</string> </array> </dict> <key>DisableAppUpdate</key> <true/> <key>DisableBuiltinPDFViewer</key> <true/> <key>DisabledCiphers</key> <dict> <key>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</key> <true/> <key>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</key> <true/> <key>TLS_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_3DES_EDE_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_AES_128_GCM_SHA256</key> <false/> <key>TLS_RSA_WITH_AES_256_GCM_SHA384</key> <false/> </dict> <key>DisableDeveloperTools</key> <true/> <key>DisableFeedbackCommands</key> <true/> <key>DisableFirefoxAccounts</key> <true/> <key>DisableFirefoxScreenshots</key> <true/> <key>DisableFirefoxStudies</key> <true/> <key>DisableForgetButton</key> <true/> <key>DisableFormHistory</key> <true/> <key>DisableMasterPasswordCreation</key> <true/> <key>DisablePasswordReveal</key> <true/> <key>DisablePocket</key> <true/> <key>DisablePrivateBrowsing</key> <true/> <key>DisableProfileImport</key> <true/> <key>DisableProfileRefresh</key> <true/> <key>DisableSafeMode</key> <true/> <key>DisableSecurityBypass</key> <dict> <key>InvalidCertificate</key> <true/> <key>SafeBrowsing</key> <true/> </dict> <key>DisableSetDesktopBackground</key> <true/> <key>DisableSystemAddonUpdate</key> <true/> <key>DisableTelemetry</key> <true/> <key>DisplayBookmarksToolbar</key> <true/> <key>DontCheckDefaultBrowser</key> <true/> <key>EnableTrackingProtection</key> <dict> <key>Value</key> <true/> <key>Locked</key> <true/> <key>Cryptomining</key> <true/> <key>Fingerprinting</key> <true/> <key>Exceptions</key> <array> <string>https://example.com</string> </array> </dict> <key>EncryptedMediaExtensions</key> <dict> <key>Enabled</key> <false/> <key>Locked</key> <false/> </dict> <key>Extensions</key> <dict> <key>Install</key> <array> <string>https://addons.mozilla.org/firefox/downloads/file/1053714/ghostery_privacy_ad_blocker-8.2.4-an+fx.xpi</string> </array> <key>Uninstall</key> <array/> <key>Locked</key> <array> <string>firefox@ghostery.com</string> </array> </dict> <key>ExtensionSettings</key> <dict> <key>*</key> <dict> <key>blocked_install_message</key> <string>Custom error message.</string> <key>install_sources</key> <array> <string>https://addons.mozilla.org/</string> </array> <key>installation_mode</key> <string>blocked</string> </dict> <key>uBlock0@raymondhill.net</key> <dict> <key>installation_mode</key> <string>force_installed</string> <key>install_url</key> <string>https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi</string> </dict> </dict> <key>ExtensionUpdate</key> <false/> <key>FirefoxHome</key> <dict> <key>Search</key> <true/> <key>TopSites</key> <true/> <key>SponsoredTopSites</key> <false/> <key>Highlights</key> <true/> <key>Pocket</key> <false/> <key>SponsoredPocket</key> <false/> <key>Snippets</key> <false/> <key>Locked</key> <true/> </dict> <key>FlashPlugin</key> <dict> <key>Allow</key> <array> <string>https://www.example.com</string> </array> <key>Block</key> <array> <string>https://www.example.org</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> <key>Handlers</key> <dict> <key>mimeTypes</key> <dict> <key>application/msword</key> <dict> <key>action</key> <string>useSystemDefault</string> <key>ask</key> <false/> </dict> </dict> <key>schemes</key> <dict> <key>mailto</key> <dict> <key>action</key> <string>useHelperApp</string> <key>ask</key> <false/> <key>handlers</key> <array> <dict> <key>name</key> <string>Gmail</string> <key>uriTemplate</key> <string>https://mail.google.com/mail/?extsrc=mailto&url=%s</string> </dict> </array> </dict> </dict> <key>extensions</key> <dict> <key>pdf</key> <dict> <key>action</key> <string>useHelperApp</string> <key>ask</key> <false/> <key>handlers</key> <array> <dict> <key>name</key> <string>Adobe Acrobat</string> <key>path</key> <string>/System/Applications/Preview.app</string> </dict> </array> </dict> </dict> </dict> <key>HardwareAcceleration</key> <false/> <key>Homepage</key> <dict> <key>URL</key> <string>http://example.com</string> <key>Locked</key> <true/> <key>Additional</key> <array> <string>https://www.example.com/extra-home1.htm</string> <string>https://www.example.com/extra-home2.htm</string> <string>https://www.example.com/extra-home3.htm</string> </array> <key>StartPage</key> <string>homepage</string> </dict> <key>InstallAddonsPermission</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> <string>https://example.edu</string> </array> <key>Default</key> <false/> </dict> <key>LocalFileLinks</key> <array> <string>http://example.org</string> <string>http://example.edu</string> </array> <key>PrimaryPassword</key> <true/> <key>NetworkPrediction</key> <false/> <key>NewTabPage</key> <false/> <key>NoDefaultBookmarks</key> <true/> <key>OfferToSaveLogins</key> <false/> <key>OfferToSaveLoginsDefault</key> <true/> <key>OverrideFirstRunPage</key> <string>https://www.example.com</string> <key>OverridePostUpdatePage</key> <string></string> <key>PasswordManagerEnabled</key> <false/> <key>PDFjs</key> <dict> <key>Enabled</key> <false/> <key>EnablePermissions</key> <false/> </dict> <key>Permissions</key> <dict> <key>Camera</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Microphone</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Location</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Notifications</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Autoplay</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>Default</key> <string>block-audio</string> <key>Locked</key> <true/> </dict> <key>VirtualReality</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> </dict> <key>PictureInPicture</key> <dict> <key>Enabled</key> <false/> <key>Locked</key> <true/> </dict> <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>https://www.example.org</string> <string>https://www.example.edu</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> <key>Preferences</key> <dict> <key>accessibility.force_disabled</key> <dict> <key>Value</key> <integer>1</integer> <key>Status</key> <string>default</string> </dict> <key>browser.cache.disk.parent_directory</key> <dict> <key>Value</key> <string>SOME_NATIVE_PATH</string> <key>Status</key> <string>user</string> </dict> <key>browser.tabs.warnOnClose</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> <key>Proxy</key> <dict> <key>SocksVersion</key> <string>4</string> <key>Mode</key> <string>manual</string> <key>HTTPProxy</key> <string>proxy.example.com:80</string> <key>Locked</key> <true/> </dict> <key>RequestedLocales</key> <array> <string>de</string> <string>en-US</string> </array> <key>SanitizeOnShutdown</key> <true/> <key>SearchBar</key> <string>separate</string> <key>UserMessaging</key> <dict> <key>WhatsNew</key> <false/> <key>ExtensionRecommendations</key> <false/> <key>FeatureRecommendations</key> <false/> <key>UrlbarInterventions</key> <false/> <key>SkipOnboarding</key> <true/> </dict> <key>WebsiteFilter</key> <dict> <key>Block</key> <array> <string><all_urls></string> </array> <key>Exceptions</key> <array> <string>https://www.google.com/*</string> <string>https://www.yahoo.com/*</string> </array> </dict> <key>SecurityDevices</key> <dict> <key>NAME_OF_DEVICE</key> <string>PATH_TO_LIBRARY_FOR_DEVICE</string> </dict> <key>ShowHomeButton</key> <true/> <key>SSLVersionMin</key> <string>tls1.2</string> <key>SSLVersionMax</key> <string>tls1.3</string> <key>SupportMenu</key> <dict> <key>Title</key> <string>Click here for help</string> <key>URL</key> <string>http://example.edu/</string> <key>AccessKey</key> <string>C</string> </dict> </dict> </plist>

Hello,

I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?

Thank you!

I am using group policy, extension settings. I want to block all extensions, require 1, and allow a handful. I think I have the JSON figured out but finding the URL to use is escaping me.

I can find the site in the Mozilla addons, https://addons.mozilla.org/en-US/firefox/addon, but how do I find the exact filename to use? I see that many end in latest.xpi but I'm unsure what that means or how I should know which is correct. I know how to find it in Chrome but I'm now trying for FireFox. I've had a hard time and it's not as clear as the direct GPO implementation as Chrome uses.

My next thing to figure out is when extension settings are mentioned in multiple levels of the GPO hierarchy. That's a separate question and not needed for an answer to this question. I only mention it as someone who knows one part is likely to know the other as well.

Thanks, -g

I am looking for information regarding the support life for settings that are defined in the Preferences (Deprecated) section of the ADMX templates provided in GitHub. There doesn't appear to be a definitive answer as to when these preferences are no longer applicable to a version of Firefox. The term "Deprecated" certainly applies they're on their way to extinction. But only a small handful of preferences have been ported over to non-deprecated template settings (like Auto Update). Is there an expected version of Firefox where all these preferences are meaningless? Or will they be supported indefinitely? "Industry recommendations' from 3rd party security vendors are bloating my policies in the domain space and I can't definitively say they are 'no longer supported as of version xyz' for all these Firefox Preference settings, which happen to be about 80% of the security parameters defined by STIG and/or CIS Workbench.

Hello,

Firefox 102.6.0esr (x64) Firefox 108.2.0 (x64)

after implementing the bookmarks (JSON) setting by GPO policy, it turns out that an entry for Bookmarks is created in the registry and not ManagedBookmarks, which causes bookmarks not to appear in the bookmarks bar. When I manually rename a registry entry from Bookmarks to ManagedBookmarks, the bookmarks appear properly. Please let me know if I'm doing something wrong or if there really is a problem reported by me.

Yours sincerely Bart

I am in an enterprise environment with over 500 machines, and we are looking for a way to import users Bookmarks from IE to Firefox silently and behind the scenes without requiring user interaction.

Due to security restrictions 3rd party software is not a possibility. Most users have already been using Firefox. We do not want to delete their existing bookmarks in Firefox

Hello,

I want to download an extension using firefox policy templates. I put the location folder and extension id so that it cannot be deleted, but for some reason it doesn't want to install most of the times. The policy is added after using the gpupdate /force command and restarting the machine then open and close the browser. I wait 10 minutes for the policy to be configured on the computer and open the browser again and nothing happens. Also, the keys in the registry have the corresponding value type (checked in site https://admx.help/?Category=Firefox&Policy=Mozilla.Policies.Firefox::Extensions_Locked). But when I drag and drop with a mouse, the extension is installed and cannot be deleted. Can you tell me why does the extension not install when the policy is in effect?

I sent pictures from Group Policy Manager, Registry editor and showing that the extension can not be deleted after drag and drop with a mouse.

Thank you in advanced!

I am installing Firefox via microsoft endpoint, and deploying multi account containers with the OMA-URI policy for extensions. (this blog page is super helpful! https://securitygeneralist.blogspot.com/2019/08/auto-installing-extensions-on-firefox.html )

The extension by default has containers for Personal, Work, Banking, Shopping.

Is there a way to automatically remove that default container list as part of the install?

Even better, is there a way to create a different default containers list through Endpoint?

Thanks