]> git.p6c8.net - policy-templates.git/blobdiff - README.md
Add PrivateBrowsing to Authentication
[policy-templates.git] / README.md
index c95e8f8820c84ef32d5eee868221439e4036aca9..542840ebc14bc664fb994bbf65ab833013e4b4a5 100644 (file)
--- a/README.md
+++ b/README.md
@@ -1,8 +1,8 @@
 **These policies are in active development and so might contain changes that do not work with current versions of Firefox.**
 
-**You should use the officially released versions (https://github.com/mozilla/policy-templates/releases) if you are deploying changes.**
+**You should use the [officially released versions](https://github.com/mozilla/policy-templates/releases) if you are deploying changes.**
 
-Policies can be specified using the Group Policy templates on Windows (https://github.com/mozilla/policy-templates/tree/master/windows), configuration profiles on macOS (https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`.  On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
+Policies can be specified using the [Group Policy templates on Windows](https://github.com/mozilla/policy-templates/tree/master/windows), [Intune on Windows](https://support.mozilla.org/kb/managing-firefox-intune), [configuration profiles on macOS](https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`.  On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
 
 | Policy Name | Description
 | --- | --- |
@@ -32,9 +32,9 @@ Policies can be specified using the Group Policy templates on Windows (https://g
 | **[`DisableFirefoxStudies`](#disablefirefoxstudies)** | Disable Firefox studies (Shield).
 | **[`DisableForgetButton`](#disableforgetbutton)** | Disable the "Forget" button.
 | **[`DisableFormHistory`](#disableformhistory)** | Turn off saving information on web forms and the search bar.
+| **[`DisablePasswordReveal`](#disablepasswordreveal)** | Do not allow passwords to be revealed in saved logins.
 | **[`DisablePocket`](#disablepocket)** | Remove Pocket in the Firefox UI.
 | **[`DisablePrivateBrowsing`](#disableprivatebrowsing)** | Remove access to private browsing.
-| **[`DisablePasswordReveal`](#disablepasswordreveal)** | Do not allow passwords to be revealed in saved logins.
 | **[`DisableProfileImport`](#disableprofileimport)** | Disables the "Import data from another browser" option in the bookmarks window.
 | **[`DisableProfileRefresh`](#disableprofilerefresh)** | Disable the Refresh Firefox button on about:support and support.mozilla.org
 | **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode within the browser.
@@ -82,8 +82,8 @@ Policies can be specified using the Group Policy templates on Windows (https://g
 | **[`SearchEngines -> PreventInstalls`](#searchengines--preventinstalls)** | Prevent installing search engines from webpages.
 | **[`SearchEngines -> Remove`](#searchengines--remove)** | Hide built-in search engines.
 | **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines.
-| **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules.
 | **[`SearchSuggestEnabled`](#searchsuggestenabled)** | Enable search suggestions.
+| **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules.
 | **[`SSLVersionMax`](#sslversionmax)** | Set and lock the maximum version of TLS.
 | **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
 | **[`SupportMenu`](#supportmenu)** | Add a menuitem to the help menu for specifying support information.
@@ -175,9 +175,11 @@ Configure sites that support integrated authentication.
 
 See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication for more information.
 
-**Compatibility:** Firefox 60, Firefox ESR 60 (AllowNonFQDN added in 62/60.2, AllowProxies added in 70/68.2, Locked added in 71/68.3)\
+`PrivateBrowsing` enables integrated authentication in prviate browsing.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (AllowNonFQDN added in 62/60.2, AllowProxies added in 70/68.2, Locked added in 71/68.3, PrivateBrowsing added in 77/68.9)\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `network.negotiate-auth.trusted-uris`,`network.negotiate-auth.delegation-uris`,`network.automatic-ntlm-auth.trusted-uris`,`network.automatic-ntlm-auth.allow-non-fqdn`,`network.negotiate-auth.allow-non-fqdn`,`network.automatic-ntlm-auth.allow-proxies`,`network.negotiate-auth.allow-proxies`
+**Preferences Affected:** `network.negotiate-auth.trusted-uris`,`network.negotiate-auth.delegation-uris`,`network.automatic-ntlm-auth.trusted-uris`,`network.automatic-ntlm-auth.allow-non-fqdn`,`network.negotiate-auth.allow-non-fqdn`,`network.automatic-ntlm-auth.allow-proxies`,`network.negotiate-auth.allow-proxies`,`network.auth.private-browsing-sso`
 
 #### Windows (GPO)
 ```
@@ -192,6 +194,7 @@ Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\NTLM = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\SPNEGO = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\NTLM = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\Authentication\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\PrivateBrowsing = 0x1 | 0x0
 ```
 #### Windows (Intune)
 OMA-URI:
@@ -201,7 +204,6 @@ OMA-URI:
 Value (string):
 ```
 <enabled/>
-
 <data id="Authentication" value="1&#xF000;mydomain&#xF000;2&#xF000;https://myotherdomain.com"/>
 ```
 OMA-URI:
@@ -211,7 +213,6 @@ OMA-URI:
 Value (string):
 ```
 <enabled/>
-
 <data id="Authentication" value="1&#xF000;mydomain&#xF000;2&#xF000;https://myotherdomain.com"/>
 ```
 OMA-URI:
@@ -221,7 +222,6 @@ OMA-URI:
 Value (string):
 ```
 <enabled/>
-
 <data id="Authentication" value="1&#xF000;mydomain&#xF000;2&#xF000;https://myotherdomain.com"/>
 ```
 OMA-URI:
@@ -231,19 +231,24 @@ OMA-URI:
 Value (string):
 ```
 <enabled/>
-
 <data id="Authentication_AllowNonFQDN_NTLM" value="true | false"/>
 <data id="Authentication_AllowNonFQDN_SPNEGO" value="true | false"/>
 ```
 OMA-URI:
 ```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageStartPage
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_Locked
 ```
 Value (string):
 ```
-<enabled/>
-
-<data id="StartPage" value="none | homepage | previous-session"/>
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_PrivateBrowsing
+```
+Value (string):
+```
+<enabled/> or <disabled/>
 ```
 #### macOS
 ```
@@ -281,6 +286,8 @@ Value (string):
     </dict>
     <key>Locked</key>
     <true/> | <false/>
+    <key>PrivateBrowsing</key>
+    <true/> | <false/>
   </dict>
 </dict>
 ```
@@ -300,7 +307,8 @@ Value (string):
         "SPNEGO": true | false,
         "NTLM": true | false
       },
-      "Locked": true | false
+      "Locked": true | false,
+      "PrivateBrowsing": true | false
     }
   }
 }
@@ -952,6 +960,23 @@ Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_128_CBC_SHA =
 Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_256_CBC_SHA = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_128_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_256_CBC_SHA
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -1737,6 +1762,41 @@ Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ProviderURL = "URL_TO_ALTERNATE_P
 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains\1 = "example.com"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_Enabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_ProviderURL
+```
+Value (string):
+```
+<enabled/>
+<data id="String" value="URL_TO_ALTERNATE_PROVIDER"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_ExcludedDomains
+```
+Value (string):
+```
+<enabled/>
+<data id="List" value="1&#xF000;example.com"/>
+```
 #### macOS
 ```
 <dict>
@@ -1779,6 +1839,15 @@ Don't check if Firefox is the default browser at startup.
 ```
 Software\Policies\Mozilla\Firefox\DontCheckDefaultBrowser = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DontCheckDefaultBrowser
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -1807,6 +1876,16 @@ You can use ${home} for the native home directory.
 ```
 Software\Policies\Mozilla\Firefox\DefaultDownloadDirectory = "${home}\Downloads"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DefaultDownloadDirectory
+```
+Value (string):
+```
+<enabled/>
+<data id="Preferences_String" value="${home}\Downloads"/>
+```
 #### macOS
 ```
 <dict>
@@ -1841,6 +1920,16 @@ You can use ${home} for the native home directory.
 ```
 Software\Policies\Mozilla\Firefox\DownloadDirectory = "${home}\Downloads"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DownloadDirectory
+```
+Value (string):
+```
+<enabled/>
+<data id="Preferences_String" value="${home}\Downloads"/>
+```
 #### macOS
 ```
 <dict>
@@ -2123,6 +2212,15 @@ Control extension updates.
 ```
 Software\Policies\Mozilla\Firefox\ExtensionUpdate = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/ExtensionUpdate
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -2169,7 +2267,6 @@ Value (string):
 ```
 <enabled/>
 <data id="Permissions" value="1&#xF000;https://example.org&#xF000;2&#xF000;https://example.edu"/>
-
 ```
 OMA-URI:
 ```
@@ -2236,6 +2333,21 @@ Software\Policies\Mozilla\Firefox\FirefoxHome\Pocket = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\FirefoxHome\Snippets = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\FirefoxHome\Locked = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/CustomizeFirefoxHome
+```
+Value (string):
+```
+<enabled/>
+<data id="FirefoxHome_Search"  value="true | false"/>
+<data id="FirefoxHome_TopSites"  value="true | false"/>
+<data id="FirefoxHome_Highlights"  value="true | false"/>
+<data id="FirefoxHome_Pocket"  value="true | false"/>
+<data id="FirefoxHome_Snippets"  value="true | false"/>
+<data id="FirefoxHome_Locked"  value="true | false"/>
+```
 #### macOS
 ```
 <dict>
@@ -2282,6 +2394,15 @@ Control hardware acceleration.
 ```
 Software\Policies\Mozilla\Firefox\HardwareAcceleration = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HardwareAcceleration
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -2464,6 +2585,15 @@ This policy only work on Windows via GPO (not policies.json).
 ```
 Software\Policies\Mozilla\Firefox\LegacyProfiles = = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/LegacyProfiles
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 ### LocalFileLinks
 Enable linking to local files by origin.
 
@@ -2476,6 +2606,16 @@ Enable linking to local files by origin.
 Software\Policies\Mozilla\Firefox\LocalFileLinks\1 = "https://example.org"
 Software\Policies\Mozilla\Firefox\LocalFileLinks\2 = "https://example.edu"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/LocalFileLinks
+```
+Value (string):
+```
+<enabled/>
+<data id="LocalFileLinks" value="1&#xF000;https://example.org&#xF000;2&#xF000;https://example.edu"/>
+```
 #### macOS
 ```
 <dict>
@@ -2495,23 +2635,30 @@ Software\Policies\Mozilla\Firefox\LocalFileLinks\2 = "https://example.edu"
   }
 }
 ```
-### NoDefaultBookmarks
-Disable the creation of default bookmarks.
-
-This policy is only effective if the user profile has not been created yet.
+### NetworkPrediction
+Enable or disable network prediction (DNS prefetching).
 
-**Compatibility:** Firefox 60, Firefox ESR 60\
-**CCK2 Equivalent:** `removeDefaultBookmarks`\
-**Preferences Affected:** N/A
+**Compatibility:** Firefox 67, Firefox ESR 60.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.dns.disablePrefetch`,`network.dns.disablePrefetchFromHTTPS`
 
 #### Windows (GPO)
 ```
-Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NetworkPrediction
+```
+Value (string):
+```
+<enabled/> or <disabled/>
 ```
 #### macOS
 ```
 <dict>
-  <key>NoDefaultBookmarks</key>
+  <key>NetworkPrediction</key>
   <true/> | <false/>
 </dict>
 ```
@@ -2519,25 +2666,33 @@ Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
 ```
 {
   "policies": {
-    "NoDefaultBookmarks": true | false
-  }
+    "NetworkPrediction": true | false
 }
 ```
-### NetworkPrediction
-Enable or disable network prediction (DNS prefetching).
+### NewTabPage
+Enable or disable the New Tab page.
 
-**Compatibility:** Firefox 67, Firefox ESR 60.7\
+**Compatibility:** Firefox 68, Firefox ESR 68\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `network.dns.disablePrefetch`,`network.dns.disablePrefetchFromHTTPS`
+**Preferences Affected:** `browser.newtabpage.enabled`
 
 #### Windows (GPO)
 ```
-Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\NewTabPage = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NewTabPage
+```
+Value (string):
+```
+<enabled/> or <disabled/>
 ```
 #### macOS
 ```
 <dict>
-  <key>NetworkPrediction</key>
+  <key>NewTabPage</key>
   <true/> | <false/>
 </dict>
 ```
@@ -2545,24 +2700,26 @@ Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
 ```
 {
   "policies": {
-    "NetworkPrediction": true | false
+    "NewTabPage": true | false
 }
 ```
-### NewTabPage
-Enable or disable the New Tab page.
+### NoDefaultBookmarks
+Disable the creation of default bookmarks.
 
-**Compatibility:** Firefox 68, Firefox ESR 68\
-**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.newtabpage.enabled`
+This policy is only effective if the user profile has not been created yet.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `removeDefaultBookmarks`\
+**Preferences Affected:** N/A
 
 #### Windows (GPO)
 ```
-Software\Policies\Mozilla\Firefox\NewTabPage = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
 ```
 #### Windows (Intune)
 OMA-URI:
 ```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NewTabPage
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NoDefaultBookmarks
 ```
 Value (string):
 ```
@@ -2571,7 +2728,7 @@ Value (string):
 #### macOS
 ```
 <dict>
-  <key>NewTabPage</key>
+  <key>NoDefaultBookmarks</key>
   <true/> | <false/>
 </dict>
 ```
@@ -2579,7 +2736,8 @@ Value (string):
 ```
 {
   "policies": {
-    "NewTabPage": true | false
+    "NoDefaultBookmarks": true | false
+  }
 }
 ```
 ### OfferToSaveLogins
@@ -2593,6 +2751,15 @@ Control whether or not Firefox offers to save passwords.
 ```
 Software\Policies\Mozilla\Firefox\OfferToSaveLogins = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OfferToSaveLogins
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -2619,6 +2786,15 @@ Sets the default value of signon.rememberSignons without locking it.
 ```
 Software\Policies\Mozilla\Firefox\OfferToSaveLoginsDefault = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OfferToSaveLoginsDefault
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -2680,6 +2856,16 @@ Override the upgrade page. If the value is blank, no upgrade page is displayed.
 ```
 Software\Policies\Mozilla\Firefox\OverridePostUpdatePage = "http://example.org"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OverridePostUpdatePage
+```
+Value (string):
+```
+<enabled/>
+<data id="OverridePage" value="https://example.com"/>
+```
 #### macOS
 ```
 <dict>
@@ -2821,6 +3007,32 @@ Value (string):
 <enabled/>
 <data id="Permissions" value="1&#xF000;https://example.org"/>
 ```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Block
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1&#xF000;https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Default
+```
+Value (string):
+```
+<enabled/>
+<data id="Autoplay_Default" value="allow-audio-video | block-audio | block-audio-video"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -2964,6 +3176,32 @@ Software\Policies\Mozilla\Firefox\PopupBlocking\Allow\2 = "https://example.edu"
 Software\Policies\Mozilla\Firefox\PopupBlocking\Default = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\PopupBlocking\Locked = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1&#xF000;https://example.org&#xF000;2&#xF000;https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Default
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -3150,6 +3388,15 @@ Ask where to save each file before downloading.
 ```
 Software\Policies\Mozilla\Firefox\PromptForDownloadLocation = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PromptForDownloadLocation
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -3303,6 +3550,16 @@ or
 
 Software\Policies\Mozilla\Firefox\RequestedLocales = "de,en-US"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/RequestedLocalesString
+```
+Value (string):
+```
+<enabled/>
+<data id="Preferences_String" value="de,en-US"/>
+```
 #### macOS
 ```
 <dict>
@@ -3457,6 +3714,16 @@ Set whether or not search bar is displayed.
 ```
 Software\Policies\Mozilla\Firefox\SearchBar = "unified" | "separate"
 ```
+
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/SearchBar
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="unified | separate"/>
 #### macOS
 ```
 <dict>
@@ -3464,7 +3731,6 @@ Software\Policies\Mozilla\Firefox\SearchBar = "unified" | "separate"
   <string>unified | separate</string>
 </dict>
 ```
-
 #### policies.json
 ```
 {
@@ -3489,6 +3755,16 @@ Set the default search engine. This policy is only available on the ESR.
 ```
 Software\Policies\Mozilla\Firefox\SearchEngines\Default = NAME_OF_SEARCH_ENGINE
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Search/SearchEngines_Default
+```
+Value (string):
+```
+<enabled/>
+<data id="SearchEngines_Default" value="NAME_OF_SEARCH_ENGINE"/>
+```
 #### macOS
 ```
 <dict>
@@ -3562,6 +3838,16 @@ Hide built-in search engines. This policy is only available on the ESR.
 ```
 Software\Policies\Mozilla\Firefox\SearchEngines\Remove\1 = NAME_OF_SEARCH_ENGINE
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Search/SearchEngines_Remove
+```
+Value (string):
+```
+<enabled/>
+<data id="SearchEngines_Remove" value="1&#xF000;NAME_OF_SEARCH_ENGINE"/>
+```
 #### macOS
 ```
 <dict>
@@ -3619,7 +3905,23 @@ Software\Policies\Mozilla\Firefox\SearchEngines\Add\1\Description = "Example Des
 Software\Policies\Mozilla\Firefox\SearchEngines\Add\1\SuggestURLTemplate = "https://www.example.org/suggestions/q={searchTerms}"
 Software\Policies\Mozilla\Firefox\SearchEngines\Add\1\PostData = "name=value&q={searchTerms}"
 ```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Search/SearchEngines_1
+```
+Value (string):
+```
+<enabled/>
+<data id="SearchEngine_Name" value="Example1"/>
+<data id="SearchEngine_URLTemplate" value="https://www.example.org/q={searchTerms"/>
+<data id="SearchEngine_Method" value="GET | POST"/>
+<data id="SearchEngine_IconURL" value="https://www.example.org/favicon.ico"/>
+<data id="SearchEngine_Alias" value="example"/>
+<data id="SearchEngine_Description" value="Example Description"/>
+<data id="SearchEngine_SuggestURLTemplate" value="https://www.example.org/suggestions/q={searchTerms}"/>
+<data id="SearchEngine_PostData" value="name=value&amp;q={searchTerms}"/>
+```
 #### macOS
 ```
 <dict>
@@ -3682,6 +3984,15 @@ Enable search suggestions.
 ```
 Software\Policies\Mozilla\Firefox\SearchSuggestEnabled = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/SearchSuggestEnabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -3709,6 +4020,16 @@ Install PKCS #11 modules.
 ```
 Software\Policies\Mozilla\Firefox\SecurityDevices\NAME_OF_DEVICE = PATH_TO_LIBRARY_FOR_DEVICE
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/SecurityDevices
+```
+Value (string):
+```
+<enabled/>
+<data id="SecurityDevices" value="NAME_OF_DEVICE&#xF000;PATH_TO_LIBRARY_FOR_DEVICE"/>
+```
 #### macOS
 ```
 <dict>
@@ -3742,6 +4063,16 @@ Set and lock the maximum version of TLS.
 ```
 Software\Policies\Mozilla\Firefox\SSLVersionMax = "tls1" | "tls1.1" | "tls1.2" | "tls1.3"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/SSLVersionMax
+```
+Value (string):
+```
+<enabled/>
+<data id="SSLVersion" value="tls1 | tls1.2 | tls1.3"/>
+```
 #### macOS
 ```
 <dict>
@@ -3809,6 +4140,18 @@ Software\Policies\Mozilla\Firefox\SupportMenu\Title = "Support Menu"
 Software\Policies\Mozilla\Firefox\SupportMenu\URL = "http://example.com/support"
 Software\Policies\Mozilla\Firefox\SupportMenu\AccessKey = "S"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/SupportMenu
+```
+Value (string):
+```
+<enabled/>
+<data id="SupportMenuTitle" value="Support Menu"/>
+<data id="SupportMenuURL" value="http://example.com/support"/>
+<data id="SupportMenuAccessKey" value="S">
+```
 #### macOS
 ```
 <dict>
@@ -3858,6 +4201,18 @@ Software\Policies\Mozilla\Firefox\UserMessaging\ExtensionRecommendations = 0x1 |
 Software\Policies\Mozilla\Firefox\UserMessaging\FeatureRecommendations = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\UrlbarInterventions = 0x1 | 0x0
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/UserMessaging_WhatsNew
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/UserMessaging_ExtensionRecommendations
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/UserMessaging_FeatureRecommendations
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/UserMessaging_UrlbarInterventions
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -3899,6 +4254,25 @@ Block websites from being visited. The parameters take an array of Match Pattern
 Software\Policies\Mozilla\Firefox\WebsiteFilter\Block\1 = "<all_urls>"
 Software\Policies\Mozilla\Firefox\WebsiteFilter\Exceptions\1 = "http://example.org/*"
 ```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/B_WebsiteFilter_Block
+```
+Value (string):
+```
+<enabled/>
+<data id="WebsiteFilter" value="1&#xF000;<all_urls>"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/B_WebsiteFilter_Exceptions
+```
+Value (string):
+```
+<enabled/>
+<data id="WebsiteFilter" value="1&#xF000;http://example.org/*"/>
+```
 #### macOS
 ```
 <dict>

patrick-canterino.de