X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/09d0c00368d0f04e164027991f6ee75fc891e58b..6fa5ad6f26a21449489f7fa6278920b8b377e575:/README.md diff --git a/README.md b/README.md index 5296410..9d7eaeb 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ -Policies can either be specified using the GPO templates or by putting a file called policies.json in the distribution directory. +Policies can either be specified using the Group Policy templates or by creating a file called policies.json. On Windows, create a directory called distribution where the EXE is located and place the file there. On Mac, the file goes into Firefox.app/Content/Resources/distribution. + The content of the JSON file should look like this: ``` { @@ -7,8 +8,20 @@ The content of the JSON file should look like this: } } ``` -Policies are documented below. - +Policies are documented below. Note that even though comments are used in this file for documentation, comments are not allowed for JSON files. +### Authentication +This policy is for configuring sites that support integrated authentication. See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication for more information. +``` +{ + "policies": { + "Authentication": { + "SPNEGO": ["mydomain.com", "https://myotherdomain.com"], + "Delegated": ["mydomain.com", "https://myotherdomain.com"], + "NTLM": ["mydomain.com", "https://myotherdomain.com"] + } + } +} +``` ### BlockAboutAddons This policy removes access to about:addons. ``` @@ -53,6 +66,33 @@ This policy removes the "Set As Desktop Background..." menuitem when right click } } ``` +### Certificates +This is a Windows only policy that tells Firefox to read certificates from the Windows certificate store. +``` +{ + "policies": { + "Certificates": { + "ImportEnterpriseRoots": [true|false] + } + } +} +``` +### Cookies +This policy controls various settings related to cookies. +``` +{ + "policies": { + "Cookies": { + "Allow": ["http://example.org/"], /* Domains where cookies are always allowed */ + "Block": ["http://example.edu/"], /* Domains where cookies are always blocked */ + "Default": [true|false], /* This sets the default value for "Accept cookies from websites" */ + "AcceptThirdParty": ["all", "none", "from-visited"], /* This sets the default value for "Accept third-party cookies" */ + "ExpireAtSessionEnd": [true|false], /* This determines when cookies expire */ + "Locked": [true|false] /* If this is true, cookies preferences can't be changed */ + } + } +} +``` ### CreateMasterPassword This policy removes the master password functionality. ``` @@ -269,18 +309,6 @@ This policy sets domains that can install extensions } } ``` -### Cookies -This policy sets domains that can set or not set cookies. -``` -{ - "policies": { - "Cookies": { - "Allow": ["http://example.org/"], - "Block": ["http://example.edu/"] - } - } -} -``` ### FlashPlugin This policy sets domains that can use or not use Flash ``` @@ -314,17 +342,17 @@ same folder name are grouped together. ``` ### Proxy This policy allows you to specify proxy settings. These settings correspond to the connection settings in Firefox preferences. -To specify ports, append them to the URLs with a colon (:). If Locked is set to true, the values can't be changed by the user. +To specify ports, append them to the hostnames with a colon (:). If Locked is set to true, the values can't be changed by the user. ``` { "Proxy": { "Mode": ["none", "system", "manual", "autoDetect", "autoConfig"] "Locked": [true, false] -Z "HTTPProxy": "URL_TO_PROXY", + "HTTPProxy": "hostname", "UseHTTPProxyForAllProtocols": [true, false] - "SSLProxy": "URL_TO_PROXY", - "FTPProxy": "URL_TO_PROXY", - "SOCKSProxy": { "URL_TO_PROXY", + "SSLProxy": "hostname", + "FTPProxy": "hostname", + "SOCKSProxy": "hostname", "SOCKSVersion": [4, 5], "Passthrough": "List of passthrough addresses/domains", "AutoConfigURL": "URL_TO_AUTOCONFIG",