X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/194c2f7dbeff66f7ebecd7606cb2372a47ad3231..6b54301630f94c0d7ffd499b784ce4f2288abba1:/windows/en-US/firefox.adml diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index e5f23e6..3f6572f 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -1,14 +1,23 @@ - + Microsoft Windows XP SP2 or later - Firefox 60 or later + Firefox 60 or later, Firefox 60 ESR or later + Firefox 62 or later, Firefox 60.2 ESR or later + Firefox 63 or later + Firefox 64 or later, Firefox 60.4 ESR or later + Firefox 66 or later, Firefox 60.6 ESR or later + Firefox 67 or later, Firefox 60.7 ESR or later Firefox 60 ESR or later Firefox Permissions + Camera + Microphone + Location + Notifications Authentication Bookmarks Certificates @@ -21,6 +30,10 @@ Search Allowed Sites Blocked Sites + Custom Update URL + If this policy is enabled, you can set a URL to an update server other than the default. This could be helpful if you run your own update server on your network. + +If this policy is disabled or not configured, the default update URL is used. SPNEGO If this policy is enabled, the specified websites are permitted to engage in SPNEGO authentication with the browser. Entries in the list are formatted as mydomain.com or https://myotherdomain.com. @@ -39,6 +52,10 @@ For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integ If this policy is disabled or not configured, no websites are trusted to use NTLM authentification. For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication. + Allow Non FQDN + If this policy is enabled, you can always allow SPNEGO or NTLM on non FQDNs (fully qualified domain names). + +If this policy is disabled or not configured, NTLM and SPNEGO are not enabled on non FQDNs. Block Add-ons Manager If this policy is enabled, the user cannot access the Add-ons Manager or about:addons. @@ -59,10 +76,22 @@ If this policy is disabled or not configured, the user can access Troubleshootin If this policy is enabled, the user cannot set an image as their desktop background. If this policy is disabled or not configured, users can set images as their desktop background. + Captive Portal + If this policy is disabled, captive portal support is disabled. + +If this policy is enabled or not configured, captive portal support is enabled. Import Enterprise Roots If this policy is enabled, Firefox will read certificates from the Windows certificate store. If this policy is disabled or not configured, Firefox will not read certificates from the Windows certificate store. + Install Certificates + If this policy is enabled, Firefox will install the listed certificates into Firefox. It will look in %USERPROFILE%\AppData\Local\Mozilla\Certificates and %USERPROFILE%\AppData\Roaming\Mozilla\Certificates. + +If this policy is disabled or not configured, Firefox will not install additional certificates. + Configure DNS Over HTTPS + If this policy is enabled, the default configuration for DNS over HTTPS can be changed. + +If this policy is disabled or not configured, DNS Over HTTPS uses the default Firefox configuration. Disable Master Password Creation If this policy is enabled, users cannot create a master password. @@ -168,7 +197,19 @@ If this policy is disabled or not configured, no extensions are uninstalled.Prevent extensions from being disabled or removed If this policy is enabled, you can specify a list of extension IDs that the user will be unable to uninstall or disable. -If this policy is disabled or not configured, no extensions are locked. +If this policy is disabled or not configured, no extensions are locked + Extension Update + If this policy is disabled, extensions will not be updated automatically. + +If this policy is enabled or not configured, extensions will be updated automatically. + Hardware Acceleration + If this policy is disabled, hardware acceleration and cannot be enabled. + +If this policy is enabled or not configured, hardware acceleration is enabled. + Network Prediction + If this policy is disabled, network prediction (DNS prefetching) will be disabled. + +If this policy is enabled or not configured, network prediction (DNS prefetching) will be enabled. Offer to save logins If this policy is enabled or not configured, Firefox will offer to save website logins and passwords. @@ -211,11 +252,71 @@ This setting is ignored if this policy is disabled or not configured or if cooki Keep cookies until Firefox is closed If this policy is enabled and cookies are allowed, they will expire when Firefox is closed. +This setting is ignored if this policy is disabled or not configured or if cookies are not allowed. + Reject trackers + If this policy is enabled and cookies are allowed, Firefox will reject tracker cookies by default. + This setting is ignored if this policy is disabled or not configured or if cookies are not allowed. Do not allow preferences to be changed If this policy is enabled, cookie preferences cannot be changed by the user. If this policy is disabled or not configured, the user can change their cookie preferences. + If this policy is enabled, access to the camera is always allowed for the origins indicated. + +If this policy is disabled or not configured, the default camera policy is followed. + If this policy is enabled, access to the camera is blocked for the origins indicated. + +If this policy is disabled or not configured, access to the camera is not blocked by default. + Block new requests asking to access the camera + If this policy is enabled, sites that are not in the Allow policy will not be allowed to ask permission to access the camera. + +If this policy is disabled or not configured, any site that is not in the Block policy can ask permission to access the camera. + Do not allow preferences to be changed + If this policy is enabled, camera preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change their camera preferences. + If this policy is enabled, access to the microphone is always allowed for the origins indicated. + +If this policy is disabled or not configured, the default microphone policy is followed. + If this policy is enabled, access to the microphone is blocked for the origins indicated. + +If this policy is disabled or not configured, access to the microphone is not blocked by default. + Block new requests asking to access the microphone + If this policy is enabled, sites that are not in the Allow policy will not be allowed to ask permission to access the microphone. + +If this policy is disabled or not configured, any site that is not in the Block policy can ask permission to access the microphone. + Do not allow preferences to be changed + If this policy is enabled, microphone preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change their camera preferences. + If this policy is enabled, access to location is always allowed for the origins indicated. + +If this policy is disabled or not configured, the default location policy is followed. + If this policy is enabled, access to location is blocked for the origins indicated. + +If this policy is disabled or not configured, access to location is not blocked by default. + Block new requests asking to access location + If this policy is enabled, sites that are not in the Allow policy will not be allowed to ask permission to access location. + +If this policy is disabled or not configured, any site that is not in the Block policy can ask permission to access location. + Do not allow preferences to be changed + If this policy is enabled, location preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change location preferences. + If this policy is enabled, notifications can always be sent for the origins indicated. + +If this policy is disabled or not configured, the default notification policy is followed. + If this policy is enabled, notifications are always blocked for the origins indicated. + +If this policy is disabled or not configured, notifications are not blocked by default. + Block new requests asking to send notifications + If this policy is enabled, sites that are not in the Allow policy will not be allowed to ask permission to send notifications. + +If this policy is disabled or not configured, any site that is not in the Block policy can ask permission to send notifications. + Do not allow preferences to be changed + If this policy is enabled, notification preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change their notification preferences. If this policy is enabled, Flash is activated by default for the origins indicated unless Flash is completely disabled. If a top level domain is specified (http://example.org), Flash is allowed for all subdomains as well. If this policy is disabled or not configured, the default Flash policy is followed. @@ -223,7 +324,7 @@ If this policy is disabled or not configured, the default Flash policy is follow If this policy is disabled or not configured, the default Flash policy is followed. Activate Flash on websites - If this policy is enabled, Flash is always activates on websites. + If this policy is enabled, Flash is always activated on websites. If this policy is disabled, Flash is never activated on websites, even if they are in the specified in the Allow list. @@ -252,11 +353,56 @@ If this policy is disabled or not configured, no websites are blocked. If this policy is enabled, and the website filter is enabled, you can specify match patterns for sites you do not want to block. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. If this policy is disabled or not configured, there are no exceptions to the website filter. - Bookmark One - Bookmark Two - Bookmark Three - Bookmark Four - Bookmark Five + Bookmark 01 + Bookmark 02 + Bookmark 03 + Bookmark 04 + Bookmark 05 + Bookmark 06 + Bookmark 07 + Bookmark 08 + Bookmark 09 + Bookmark 10 + Bookmark 11 + Bookmark 12 + Bookmark 13 + Bookmark 14 + Bookmark 15 + Bookmark 16 + Bookmark 17 + Bookmark 18 + Bookmark 19 + Bookmark 20 + Bookmark 21 + Bookmark 22 + Bookmark 23 + Bookmark 24 + Bookmark 25 + Bookmark 26 + Bookmark 27 + Bookmark 28 + Bookmark 29 + Bookmark 30 + Bookmark 31 + Bookmark 32 + Bookmark 33 + Bookmark 34 + Bookmark 35 + Bookmark 36 + Bookmark 37 + Bookmark 38 + Bookmark 39 + Bookmark 40 + Bookmark 41 + Bookmark 42 + Bookmark 43 + Bookmark 44 + Bookmark 45 + Bookmark 46 + Bookmark 47 + Bookmark 48 + Bookmark 49 + Bookmark 50 If this policy is enabled, you can configure a bookmark be added to Firefox. Due to a bug, you must select the location. Note that you must specify the bookmarks in order. If this policy is disabled or not configured, a new bookmark is not added. @@ -276,6 +422,13 @@ If this policy is disabled or not configured, the user can set and change the ho If this policy is enabled, you can have additional home pages. They are opened in multiple tabs. If this policy is disabled or not configured, there is only one home page. + Start Page + If this policy is enabled, you can change what is displayed when Firefox starts. It can be the homepage, the previous session, or a blank page. + +If this policy is disabled or not configured, the start page defaults to the previous session. + None + Homepage + Previous Session Proxy Settings If this policy is enabled, you can configure and lock network settings. @@ -300,6 +453,14 @@ If this policy is disabled or not configured, the default network settings are u If this policy is disabled, tracking protection is disabled and locked in both the browser and private browsing. If this policy is enabled, private browsing is enabled by default in both the browser and private browsing and you can choose whether or not to prevent the user from changing it. + Requested locale + If this policy is enabled, you can specify a list of requested locales for the application in order of preference. It will cause the corresponding language pack to become active. + +If this policy is disabled or not configured, the application will use the default locale. + Security Devices + If this policy is enabled, you can specify a list of PKCS #11 modules to be installed. Modules are specified as a name and a fully qualified path. + +If this policy is disabled or not configured, no additional PKCS #11 modules will be installed. Search bar location If this policy is enabled, you can set whether the search bar is separate from the URL bar. @@ -324,11 +485,45 @@ If this policy is disabled or not configured, the Firefox default engine is used If this policy is enabled, the user cannot install search engines from web page. If this policy is disabled or not configured, search engines can be installed from web pages. + Remove Search Engines + If this policy is enabled, you can specify the names of engines to be removed or hidden. + +If this policy is disabled or not configured, search engines will not be removed or hidden. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 + + + + + + + Always allow NTLM on non FQDNs + Always allow SPNEGO on non FQDNs + + + + + + + + + + @@ -361,6 +556,9 @@ If this policy is disabled or not configured, search engines can be installed fr Additional homepages + + + Title: @@ -408,6 +606,9 @@ If this policy is disabled or not configured, search engines can be installed fr + + + Don't allow proxy settings to be changed. Connection Type: @@ -443,6 +644,17 @@ If this policy is disabled or not configured, search engines can be installed fr Do not prompt for authentication if password is saved. Proxy DNS when using SOCKS v5. + + Provider URL: + + + Enable DNS over HTTPS. + Don't allow DNS over HTTPS preferences to be changed. + + + +