Форум сообщества Корпоративный Firefox

I have one extension to be installed on the enterprise network machines. There are host permissions required to access All websites data. How can I, as an Admin, enable this host permissions for the installation ?

Good morning,

I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues on the web and found similar issues but solutions that were recommend online have not worked for us. Yes I have uninstalled Firefox completely and installed it from scratch. I know it has something to do with autoconfig file but not sure what exactly I'm looking for. Thanks.

Hello,

I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: User configuration, administrative templates, mozilla, firefox, add-ons --> install add-ons --> https://addons.mozilla.org/firefox/downloads/file/1234567/goodaddon-1.0.01.xpi

A few months ago, we had to change our network-configuration. We were using a proxy before, but our proxy had direct access to the internet. Now our proxy forwards everything to another proxy. Since about that time, add-on-deployment via gpo doesn't work anymore. It could be something else, but i suspect the proxy-change.

I tried to deploy unc-paths, internal websites and different syntaxes; none of this works:

• http://192.168.100.10/goodaddon-1.0.01.xpi
• http://internalwebsite/goodaddon-1.0.01.xpi
• https://192.168.100.10/goodaddon-1.0.01.xpi
• https://internalwebsite/goodaddon-1.0.01.xpi
• \\192.168.100.20\netshare\goodaddon-1.0.01.xpi
• \\internalfileserver\netshare\goodaddon-1.0.01.xpi
• file://///192.168.100.20/netshare/goodaddon-1.0.01.xpi
• file://///internalfileserver/netshare/goodaddon-1.0.01.xpi

As you can see I tried using internal sites, so that no proxy would be needed. And I also added these sites to the allowed add-on-installation-sites (computer configuration, same group policy). The sites are all accessible; if I enter these addresses as url, firefox can access the xpi-file.

I know how to pack add-ons into the firefox-setup-file; that still works. But first of all, firefox is already installed on most of my clients. Second, after a fresh installation of firefox with this self-created package, all add-ons are installed, but not activated. And I would like to restrict activation/deactivation of add-ons via gpo.

1. 1 Are there other ways to deploy add-ons in a domain-network (e.g. script-based)?
2. 2 Are there any logs where I could find out what exactly goes wrong?
3. 3 Are there any other syntaxes I could try (group policy urls)?
4. 4 Can anyone guess what the problem is (why it is not working anymore)?

Help would be very much appreciated.

Best regards.

Hello,

I am reaching out to gain information on ADMX GPO policies. We are retiring Policy Pak which used to add all the policies and secure Firefox for Enterprise. What we noticed is that Policy Pak used the app set to apply these policies and we are noticing that native GPO's for the most part to match the Policy Pak policies is not as accurate for GPO's My ask here is there any Most Viable Product suggestions to apply Native GPO's for securing Firefox.

During a client Audit earlier this week we were dinged on not having the option in Firefox ESR to block manually saving Addresses and Credit Cards. We have the autofill disabled however users can still manually add credit cards and addresses and this poses an issue with our call center agents handling Credit Card info. I'd like to be able to gray out the Saved Addresses and Saved Credit Card boxes so as to prevent agents from manually entering card data into it using a GPO or Registry setting that we can push and apply to all our domain PCs. Ideally, if we could add an entry to the JSON preferences in the Mozilla GPO that would gray those options out that'd be best but any option that removes the users ability to add CC info would be acceptable.

I am an admin of some servers, i modify the proxy settings of firefox in a GPO, and it works, but now ont thing is that users can modify the settings of "No proxy for" in Connection Settings, then add the urls, then users can access to any web site which they want to, is there a method to disable this? thanks.

Hello, I have a problem with setting up HTTPs only Mode in my Organization, I read a lot about that, but I dont see the "dom.security.https_only_mode" switch in GPO, we have the newest admx for Firefox. We need that to specific container, but still I dont know how to set it up, even via regedit, or preferences. Can someone describe me when can I set it up ? It could be using json file (which exactly file and how?), registry or just gpo. Regards, M.

Are these supposed to look different, or am I just doing something wrong? In the image I included here, SanitizeOnShutdown and Preferences look different from FirefoxHome and look incorrect. I removed other policies to make this simpler, but all of the other policies with multiple policy values look just like FirefoxHome. It appears that SanitizeOnShutdown is at least working since my history is indeed getting cleared on shutdown, but I'm unsure whether this actually works when I set these to the settings they should be since they should all be false other than Locked. Am I doing something wrong here or are these two policies supposed to look like that for some reason? Thank you in advance for the help!

``` {

   "policies": {

"DisablePrivateBrowsing": true,

       "SanitizeOnShutdown": {
           "Cache": false,
           "Cookies": false,
           "Downloads": false,
           "FormData": false,
           "History": true,
           "Sessions": false,
           "SiteSettings": false,
           "OfflineApps": false,

"Locked": true

       },
       "FirefoxHome": {
           "TopSites": false,
           "Search": false,
           "SponsoredTopSites": false,
           "Pocket": false,
           "SponsoredPocket": false,
           "Highlights": false,
           "Snippets": false,
           "Locked": true
       }

"Preferences": {

   	    "browser.contentblocking.category": {
   			"Value": "strict",
   			"Status": "locked"
   		},
   		"extensions.htmlaboutaddons.recommendations.enabled": {
   		    "Value": false,
   		    "Status": false
   		}

}

   }

} ```

Dears, Based on your documentation on https://github.com/mozilla/policy-templates/blob/master/README.md#extensionsettings I am not able to successfully deliver setting to firefox app via Intune OMA-URI. Can you check this on your side and help?

ExtensionSettings [./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings] Error -2016281112

Summary Session ID 68f1c5af4fb3404789cf Resource ID Not available Extension Microsoft_Intune_DeviceSettings Content PolicyReportSettingDetailBlade Error code 404

Thank you very much

We use Microsoft MDT for computer deployment. We have been installing the Standard version of Firefox for a long time with no problem. Recently we started using AD GPO Templates to configure firefox. To be able to configure certain settings you need to be running the ESR version. I downloaded the more recent ESR version: 102.12.0esr.msi file.

When deploying machine MDT to install Mozilla firefox I keep getting this error: Application Mozilla Firefox ESR returned an unexpected return code: 1618

This is the only application having issues and this issue only came up since I change the installation file to the ESR version.

This is the install command being used in MDT: msiexec /i "Firefoxesr.msi" /qn /norestart

I am posting here and not with MDT support, as this only started happening when I changed the installation file to the ESR version. Has anybody else had a problem deploying ESR version through MDT? Any help on how to fix?

Hi All, I have been on the struggle bus lately trying to get the application handlers set properly in our GPO. I am trying to get PDF, webp, avif to open in browser, and jnlp to auto launch Java. Any help will be greatly appreciated!

{"application/pdf":{"action":3,"extensions":["pdf"]},"image/webp":{"action":3,"extensions":["webp"]},"image/avif":{"action":3,"extensions":["avif"]},"application/x-java-jnlp-file":{"action":4,"handlers":[{"name":"javaws.exe","path":"C:\\Program Files (x86)\\Java\\jre-1.8\\bin\\javaws.exe"}],"extensions":["jnlp"]}}

im tryin to instal firefox in a firm users are non admins, and i distributing from a network server made a json file with som changes and on my test machine is lookin good but on a computer in the firm is startin to act funny creatin "Firefox Privat surfning.lnk" in "C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs" dont wont that changing my homepage settings showing "https://www.mozilla.org/en-US/privacy/firefox/ " dont want that how can i fix that try to google but no help there or is it another installer for enterprises? tryed this "https://www.mozilla.org/en-US/firefox/enterprise/#download" no diffrent

I recently deployed Mozilla Firefox 102.4 ESR here in our environment expecting that when a new version is released Firefox would automatically update on clients computers. Well today I noticed at a new release is out but isn't automatically updating on end users workstations. Does Firefox ESR not automatically update?

Hello Guys,

in our network we have several Fritzbox Routers which we remote administrate. If we connect to the routers with Firefox V115.2.0 we get a warning message - because it´s a Fritzbox self-signed certificate and cannot be validated. No Problem - everything okay with the message. But in Firefox 115.2.0 there is no advanced button that lets you go futher to connect to the website. With Version 102.14.0 ESR the advanced button is there. The webinterface works fine with Edge and Chrome (with warning but with advanced button to continue)

https://imgur.com/2ykzjY9

https://imgur.com/5LyIwzt

Is this a bug?

Best Regards, Michael

Hello,

I am working to convert my Org to Firefox ESR, but in order to this I need to uninstall the per user install of Firefox. We have many users that have the Firefox.exe located in their Local Appdata folder. So I need to test the uninstall of the Appdata install and then the install of ESR. But the problem is I haven't been able to get Firefox to automatically install into the appdata folder. How am I able to do this? The users who have it installed in the appdata folder are not admins on their computers. When I'm testing I've also been using a normal user account. Please let me know how I can install the exe into the appdata folder automatically without me specifically placing it there or which exe version I need to do this.

Thanks!

I am reviewing my user.js and pref.js files in anticipation of deploying policy settings in GPO. As a part of the review, I am trying to document what each of the preferences in those files actually do, in order to be able to see in the future why a setting was set the way it was.

I am presently at the preference "pref.browser.language.disable_button.remove". Based on the name of the preference, I would think that if set to true, it would disable the remove button in the Webpage Language Settings window. (Hamburger menu -> Settings -> General -> Language -> Choose your preferred language for displaying pages)

When I set it to true, it does not disable the remove button but when I use the remove button, the preference is set to false.

Am I misunderstanding the purpose of this preference or is there more to using this preference than just setting its value in about:config?

Also, I see there are a number of other preferences that contain disable_button but that only one, "pref.privacy.disable_button.view_passwords", has a GPO policy for setting. I would expect that these preferences containing disable_button would all work in a similar way just each for a different button in the Firefox GUI.

If it matters, I'm running Firefox 115.3.1esr 64-bit en-ca on Windows 10.

We're exploring adopting a default deny policy for Firefox extensions in our enterprise. However when I tested this by creating a custom policies.json Firefox unexpectedly removed all extensions for me, including the ones I thought I had allow listed. Here is my policies.json but just keeping in the Facebook Container add-on to illustrate:

{

   "policies": {
       "ExtensionSettings": {
           "*": {
               "blocked_install_message": "Only approved Firefox extensions can be installed, please email your request to itdept@example.org",
               "installation_mode": "blocked",
               "allowed_types": ["theme", "dictionary", "locale"]
           },
           "@contain-facebook.xpi": { "installation_mode": "allowed" }
       }
   }

}

What I would like is to to allow pre-approved extensions (including if they already are installed) and all other types of add-on, but remove and prohibit installation of unapproved extensions.

Can anyone assist, please?

Version: Firefox ESR 102.9.0 (64-bit) - Windows 10 Enterprise 22H2

Customers have been complaining for about 6 months that they can no longer drag and drop email attachments from Outlook (Microsoft Office Professional Plus 2019 - Exchange) into a Help Desk formula. I tested dragging from Outlook desktop and from the web version.

Drag and Drop works when using Edge and Chrome.

This is not a major issue, since customers can use the other browsers, but since they would prefer to use Firefox, a fix would really be appreciated.  :-)

Good afternoon,

We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards.

For example, we're trying to set an origin in Cookies > Block Settings to something like "*", and we get the error "Ignoring parameter "*" - not a valid origin."

In Chrome / Edge you can set a wildcard like this: [*.]google.com for example - we receive the same error message for this.

Can you do such a thing for Firefox ESR without having to list every site you want to block?

ESR Version: 115.6.0esr (64-bit)

Kind Regards, Ethan Jerrum