X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/235e10d358dbb8bdbaa1b706d064eccd04c6b704..fddf307533b2e3493203753c01ad2cc81bbdcbc7:/README.md
diff --git a/README.md b/README.md
index 3615e91..301456f 100644
--- a/README.md
+++ b/README.md
@@ -6,8 +6,9 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| Policy Name | Description
| --- | --- |
-| **[`AppUpdateURL`](#AppUpdateURL)** | Change the URL for application update.
-| **[`Authentication`](#Authentication)** | Configure sites that support integrated authentication.
+| **[`AppAutoUpdate`](#appautoupdate)** | Enable or disable automatic application update.
+| **[`AppUpdateURL`](#appupdateurl)** | Change the URL for application update.
+| **[`Authentication`](#authentication)** | Configure sites that support integrated authentication.
| **[`BlockAboutAddons`](#blockaboutaddons)** | Block access to the Add-ons Manager (about:addons).
| **[`BlockAboutConfig`](#blockaboutconfig)** | Block access to about:config.
| **[`BlockAboutProfiles`](#blockaboutprofiles)** | Block access to About Profiles (about:profiles).
@@ -22,6 +23,7 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`DisableMasterPasswordCreation`](#disablemasterpasswordcreation)** | Remove the master password functionality.
| **[`DisableAppUpdate`](#disableappupdate)** | Turn off application updates.
| **[`DisableBuiltinPDFViewer`](#disablebuiltinpdfviewer)** | Disable the built in PDF viewer.
+| **[`DisableDefaultBrowserAgent`](#disabledefaultbrowseragent)** | Prevent the default browser agent from taking any actions (Windows only).
| **[`DisableDeveloperTools`](#disabledevelopertools)** | Remove access to all developer tools.
| **[`DisableFeedbackCommands`](#disablefeedbackcommands)** | Disable the menus for reporting sites.
| **[`DisableFirefoxScreenshots`](#disablefirefoxscreenshots)** | Remove access to Firefox Screenshots.
@@ -31,6 +33,7 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`DisableFormHistory`](#disableformhistory)** | Turn off saving information on web forms and the search bar.
| **[`DisablePocket`](#disablepocket)** | Remove Pocket in the Firefox UI.
| **[`DisablePrivateBrowsing`](#disableprivatebrowsing)** | Remove access to private browsing.
+| **[`DisablePasswordReveal`](#disablepasswordreveal)** | Do not allow passwords to be revealed in saved logins.
| **[`DisableProfileImport`](#disableprofileimport)** | Disables the "Import data from another browser" option in the bookmarks window.
| **[`DisableProfileRefresh`](#disableprofilerefresh)** | Disable the Refresh Firefox button on about:support and support.mozilla.org
| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode within the browser.
@@ -83,8 +86,51 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`SSLVersionMax`](#sslversionmax)** | Set and lock the maximum version of TLS.
| **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
| **[`SupportMenu`](#supportmenu)** | Add a menuitem to the help menu for specifying support information.
+| **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user.
| **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
+### AppAutoUpdate
+
+Enable or disable **automatic** application update.
+
+If set to true, application updates are installed without user approval.
+
+If set to false, application updates are downloaded but the user can choose when to install the update.
+
+If you have disabled updates via DisableAppUpdate, this policy has no effect.
+
+**Compatibility:** Firefox 75, Firefox ESR 68.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** app.update.auto
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\AppAutoUpdate = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppAutoUpdate
+```
+Value (string):
+```
+ or
+```
+#### macOS
+```
+
+ AppAutoUpdate
+ |
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "AppAutoUpdate": true | false
+ }
+}
+```
### AppUpdateURL
Change the URL for application update.
@@ -97,6 +143,16 @@ Change the URL for application update.
```
Software\Policies\Mozilla\Firefox\AppUpdateURL = "https://yoursite.com"
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppUpdateURL
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -136,6 +192,58 @@ Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\SPNEGO = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\NTLM = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Authentication\Locked = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_SPNEGO
+```
+Value (string):
+```
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_Delegated
+```
+Value (string):
+```
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_NTLM
+```
+Value (string):
+```
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_AllowNonFQDN
+```
+Value (string):
+```
+
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageStartPage
+```
+Value (string):
+```
+
+
+
+```
#### macOS
```
@@ -208,6 +316,15 @@ Block access to the Add-ons Manager (about:addons).
```
Software\Policies\Mozilla\Firefox\BlockAboutAddons = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutAddons
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -235,6 +352,15 @@ Block access to about:config.
```
Software\Policies\Mozilla\Firefox\BlockAboutConfig = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutConfig
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -262,6 +388,15 @@ Block access to About Profiles (about:profiles).
```
Software\Policies\Mozilla\Firefox\BlockAboutProfiles = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutProfiles
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -289,6 +424,15 @@ Block access to Troubleshooting Information (about:support).
```
Software\Policies\Mozilla\Firefox\BlockAboutSupport = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutSupport
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -320,6 +464,20 @@ Software\Policies\Mozilla\Firefox\Bookmarks\1\Favicon = "https://example.com/fav
Software\Policies\Mozilla\Firefox\Bookmarks\1\Placement = "toolbar" | "menu"
Software\Policies\Mozilla\Firefox\Bookmarks\1\Folder = "FolderName"
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Bookmarks/Bookmark01
+```
+Value (string):
+```
+
+
+
+
+
+
+```
#### macOS
```
@@ -367,6 +525,15 @@ Enable or disable the detection of captive portals.
```
Software\Policies\Mozilla\Firefox\CaptivePortal = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/CaptivePortal
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -398,6 +565,15 @@ See https://support.mozilla.org/kb/setting-certificate-authorities-firefox for m
```
Software\Policies\Mozilla\Firefox\Certificates\ImportEnterpriseRoots = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Certificates/Certificates_ImportEnterpriseRoots
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -450,6 +626,16 @@ Binary (DER) and ASCII (PEM) certificates are both supported.
Software\Policies\Mozilla\Firefox\Certificates\Install\1 = "cert1.der"
Software\Policies\Mozilla\Firefox\Certificates\Install\2 = "C:\Users\username\cert2.pem"
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Certificates/Certificates_Install
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -499,11 +685,71 @@ Configure cookie preferences.
Software\Policies\Mozilla\Firefox\Cookies\Allow\1 = "https://example.com"
Software\Policies\Mozilla\Firefox\Cookies\Block\1 = "https://example.org"
Software\Policies\Mozilla\Firefox\Cookies\Default = 0x1 | 0x0
-Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" |"from-visited"
+Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" | "from-visited"
Software\Policies\Mozilla\Firefox\Cookies\ExpireAtSessionEnd = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Cookies\RejectTracker = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Cookies\Locked = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Allow
+```
+Value (string):
+```
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Block
+```
+Value (string):
+```
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Default
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_AcceptThirdParty
+```
+Value (string):
+```
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_ExpireAtSessionEnd
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_RejectTracker
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Locked
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -557,7 +803,15 @@ Remove the "Set As Desktop Background..." menuitem when right clicking on an ima
```
Software\Policies\Mozilla\Firefox\DisableSetDesktopBackground = 0x1 | 0x0
```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSetDesktopBackground
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -584,7 +838,15 @@ Remove the master password functionality.
```
Software\Policies\Mozilla\Firefox\DisableMasterPasswordCreation = 0x1 | 0x0
```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableMasterPasswordCreation
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -611,6 +873,15 @@ Turn off application updates.
```
Software\Policies\Mozilla\Firefox\DisableAppUpdate = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableAppUpdate
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -637,7 +908,15 @@ Disable the built in PDF viewer. PDF files are downloaded and sent externally.
```
Software\Policies\Mozilla\Firefox\DisableBuiltinPDFViewer = 0x1 | 0x0
```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableBuiltinPDFViewer
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -653,6 +932,34 @@ Software\Policies\Mozilla\Firefox\DisableBuiltinPDFViewer = 0x1 | 0x0
}
}
```
+### DisableDefaultBrowserAgent
+Prevent the default browser agent from taking any actions. Only applicable to Windows; other platforms donât have the agent.
+
+**Compatibility:** Firefox 75, Firefox ESR 68.7 (Windows only)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableDefaultBrowserAgent = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableDefaultBrowserAgent
+```
+Value (string):
+```
+ or
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableDefaultBrowserAgent": true | false
+ }
+}
+```
### DisableDeveloperTools
Remove access to all developer tools.
@@ -664,7 +971,15 @@ Remove access to all developer tools.
```
Software\Policies\Mozilla\Firefox\DisableDeveloperTools = 0x1 | 0x0`
```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableDeveloperTools
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -691,6 +1006,15 @@ Disable the menus for reporting sites (Submit Feedback, Report Deceptive Site).
```
Software\Policies\Mozilla\Firefox\DisableFeedbackCommands = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFeedbackCommands
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -717,6 +1041,15 @@ Remove access to Firefox Screenshots.
```
Software\Policies\Mozilla\Firefox\DisableFirefoxScreenshots = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxScreenshots
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -743,6 +1076,15 @@ Disable Firefox Accounts integration (Sync).
```
Software\Policies\Mozilla\Firefox\DisableFirefoxAccounts = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxAccounts
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -769,6 +1111,15 @@ Disable Firefox studies (Shield).
```
Software\Policies\Mozilla\Firefox\DisableFirefoxStudies = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxStudies
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -795,6 +1146,15 @@ Disable the "Forget" button.
```
Software\Policies\Mozilla\Firefox\DisableForgetButton = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableForgetButton
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -821,6 +1181,15 @@ Turn off saving information on web forms and the search bar.
```
Software\Policies\Mozilla\Firefox\DisableFormHistory = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFormHistory
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -847,7 +1216,15 @@ Do not allow passwords to be shown in saved logins
```
Software\Policies\Mozilla\Firefox\DisablePasswordReveal = 0x1 | 0x0
```
-
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePasswordReveal
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -874,6 +1251,15 @@ Remove Pocket in the Firefox UI. It does not remove it from the new tab page.
```
Software\Policies\Mozilla\Firefox\DisablePocket = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePocket
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -900,6 +1286,15 @@ Remove access to private browsing.
```
Software\Policies\Mozilla\Firefox\DisablePrivateBrowsing = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePrivateBrowsing
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -926,6 +1321,15 @@ Disables the "Import data from another browser" option in the bookmarks window.
```
Software\Policies\Mozilla\Firefox\DisableProfileImport = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableProfileImport
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -952,6 +1356,15 @@ Disable the Refresh Firefox button on about:support and support.mozilla.org, as
```
Software\Policies\Mozilla\Firefox\DisableProfileRefresh = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableProfileRefresh
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -980,6 +1393,15 @@ On Windows, this disables safe mode via the command line as well.
```
Software\Policies\Mozilla\Firefox\DisableSafeMode = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSafeMode
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -1011,6 +1433,24 @@ Prevent the user from bypassing security in certain cases.
Software\Policies\Mozilla\Firefox\DisableSecurityBypass\InvalidCertificate = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\DisableSecurityBypass\SafeBrowsing = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/P_DisableSecurityBypass_InvalidCertificate
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/P_DisableSecurityBypass_SafeBrowsing
+```
+Value (string):
+```
+ or
+```
+
#### macOS
```
@@ -1042,7 +1482,17 @@ Prevent system add-ons from being installed or update.
**Preferences Affected:** N/A
#### Windows (GPO)
-```Software\Policies\Mozilla\Firefox\DisableSystemAddonUpdate = 0x1 | 0x0
+```
+Software\Policies\Mozilla\Firefox\DisableSystemAddonUpdate = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSystemAddonUpdate
+```
+Value (string):
+```
+ or
```
#### macOS
```
@@ -1072,6 +1522,15 @@ Mozilla recommends that you do not disable telemetry. Information collected thro
```
Software\Policies\Mozilla\Firefox\DisableTelemetry = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableTelemetry
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -1098,6 +1557,15 @@ Set the initial state of the bookmarks toolbar. A user can still hide it and it
```
Software\Policies\Mozilla\Firefox\DisplayBookmarksToolbar = 0x1 | 0x0
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisplayBookmarksToolbar
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -1158,6 +1626,16 @@ Set the state of the menubar.
```
Software\Policies\Mozilla\Firefox\DisplayMenuBar = "always", "never", "default-on", "default-off"
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisplayMenuBar_Enum
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -1182,7 +1660,9 @@ Configure DNS over HTTPS.
`Locked` prevents the user from changing DNS over HTTPS preferences.
-**Compatibility:** Firefox 63, Firefox ESR 68\
+`ExcludedDomains` excludes domains from DNS over HTTPS.
+
+**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7)\
**CCK2 Equivalent:** N/A\
**Preferences Affected:** `network.trr.mode`,`network.trr.uri`
@@ -1191,6 +1671,7 @@ Configure DNS over HTTPS.
Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ProviderURL = "URL_TO_ALTERNATE_PROVIDER"
Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains\1 = "example.com"
```
#### macOS
```
@@ -1203,6 +1684,10 @@ Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0
URL_TO_ALTERNATE_PROVIDER
Locked
|
+ ExcludedDomains
+
+ example.com
+
```
@@ -1213,7 +1698,8 @@ Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0
"DNSOverHTTPS": {
"Enabled": true | false,
"ProviderURL": "URL_TO_ALTERNATE_PROVIDER",
- "Locked": true | false
+ "Locked": true | false,
+ "ExcludedDomains": ["example.com"]
}
}
}
@@ -1710,6 +2196,38 @@ Software\Policies\Mozilla\Firefox\Homepage\Additional\1 = "https://example.org"
Software\Policies\Mozilla\Firefox\Homepage\Additional\2 = "https://example.edu"
Software\Policies\Mozilla\Firefox\Homepage\StartPage = "none" | "homepage" | "previous-session"
```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageURL
+```
+Value (string):
+```
+
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageAdditional
+```
+Value (string):
+```
+
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageStartPage
+```
+Value (string):
+```
+
+
+
+```
#### macOS
```
@@ -2020,7 +2538,7 @@ Remove access to the password manager via preferences and blocks about:logins on
**Compatibility:** Firefox 70, Firefox ESR 60.2\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `prefs.privacy.disable_button.view_passwords`
+**Preferences Affected:** `pref.privacy.disable_button.view_passwords`
#### Windows (GPO)
```
@@ -2042,7 +2560,7 @@ Software\Policies\Mozilla\Firefox\PasswordManagerEnabled = 0x1 | 0x0
}
```
### Permissions
-Set permissions associated with camera, microphone, location, and notifications. Because these are origins, not domains, entries with unique ports must be specified separately. See examples below.
+Set permissions associated with camera, microphone, location, notifications, and autoplay. Because these are origins, not domains, entries with unique ports must be specified separately. See examples below.
`Allow` is a list of origins where the feature is allowed.
@@ -2052,7 +2570,7 @@ Set permissions associated with camera, microphone, location, and notifications.
`Locked` prevents the user from changing preferences for the feature.
-**Compatibility:** Firefox 62, Firefox ESR 60.2\
+**Compatibility:** Firefox 62, Firefox ESR 60.2 (Autoplay added in Firefox 74, Firefox ESR 68.6\
**CCK2 Equivalent:** N/A\
**Preferences Affected:** `permissions.default.camera`,`permissions.default.microphone`,`permissions.default.geo`,`permissions.default.desktop-notification`
@@ -2075,6 +2593,8 @@ Software\Policies\Mozilla\Firefox\Permissions\Notifications\Allow\1 = "https://e
Software\Policies\Mozilla\Firefox\Permissions\Notifications\Block\1 = "https://example.edu"
Software\Policies\Mozilla\Firefox\Permissions\Notifications\BlockNewRequests = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Permissions\Notifications\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Block\1 = "https://example.edu"
```
#### macOS
```
@@ -2142,6 +2662,17 @@ Software\Policies\Mozilla\Firefox\Permissions\Notifications\Locked = 0x1 | 0x0
Locked
+ Autoplay
+
+ Allow
+
+ https://example.org
+
+ Block
+
+ https://example.edu
+
+
```
@@ -2173,6 +2704,10 @@ Software\Policies\Mozilla\Firefox\Permissions\Notifications\Locked = 0x1 | 0x0
"Block": ["https://example.edu"],
"BlockNewRequests": true | false,
"Locked": true | false
+ },
+ "Autoplay": {
+ "Allow": ["https://example.org"],
+ "Block": ["https://example.edu"]
}
}
}
@@ -2239,7 +2774,7 @@ Set and lock certain preferences.
| --- | --- | --- | ---
| accessibility.force_disabled | integer | Firefox 70, Firefox ESR 68.2 | 0
| If set to 1, platform accessibility is disabled.
-| app.update.auto | boolean | Firefox 68, Firefox ESR 68 | true
+| app.update.auto (Deprecated - Switch to AppAutoUpdate policy) | boolean | Firefox 68, Firefox ESR 68 | true
| If false, Firefox doesn't automatically install update.
| browser.bookmarks.autoExportHTML | boolean | Firefox 70, Firefox ESR 68.2 | false
| If true, bookmarks are exported on shutdown.
@@ -2368,7 +2903,7 @@ Software\Policies\Mozilla\Firefox\Preferences\string_preference_name = "string_v
Ask where to save each file before downloading.
**Compatibility:** Firefox 68, Firefox ESR 68\
-**CCK2 Equivalent:** N/A
+**CCK2 Equivalent:** N/A\
**Preferences Affected:** `browser.download.useDownloadDir`
#### Windows (GPO)
@@ -2541,6 +3076,8 @@ or
}
}
```
+
+
### SanitizeOnShutdown (Selective)
Clear data on shutdown. Choose from Cache, Cookies, Download History, Form & Search History, Browsing History, Active Logins, Site Preferences and Offline Website Data.
@@ -2657,10 +3194,7 @@ Software\Policies\Mozilla\Firefox\SearchBar = "unified" | "separate"
}
}
```
-
-
-
-
+
### SearchEngines (This policy is only available on the ESR.)
@@ -3003,6 +3537,58 @@ Software\Policies\Mozilla\Firefox\SupportMenu\AccessKey = "S"
}
}
```
+### UserMessaging
+
+Prevent installing search engines from webpages.
+
+`WhatsNew` Remove the "What's New" icon and menuitem. (Firefox 75 only)
+
+`ExtensionRecommendations` Don't recommend extensions.
+
+`FeatureRecommendations` Don't recommend browser features.
+
+`UrlbarInterventions` Don't offer Firefox specific suggestions in the URL bar. (Firefox 75 only)
+
+**Compatibility:** Firefox 75, Firefox ESR 68.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.messaging-system.whatsNewPanel.enabled`,`browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`,`browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\UserMessaging\WhatsNew = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\UserMessaging\ExtensionRecommendations = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\UserMessaging\FeatureRecommendations = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\UserMessaging\UrlbarInterventions = 0x1 | 0x0
+```
+#### macOS
+```
+
+ UserMessaging
+
+ WhatsNew
+ |
+ ExtensionRecommendations
+ |
+ FeatureRecommendations
+ |
+ UrlbarInterventions
+ |
+
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "UserMessaging": {
+ "WhatsNew": true | false,
+ "ExtensionRecommendations": true | false,
+ "FeatureRecommendations": true | false,
+ "UrlbarInterventions": true | false
+ }
+ }
+}
+```
### WebsiteFilter
Block websites from being visited. The parameters take an array of Match Patterns, as documented in https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. The arrays are limited to 1000 entries each.
@@ -3012,8 +3598,8 @@ Block websites from being visited. The parameters take an array of Match Pattern
#### Windows (GPO)
```
-Software\Policies\Mozilla\Firefox\WebsiteFilters\Block\1 = ""
-Software\Policies\Mozilla\Firefox\WebsiteFilters\Exceptions\1 = "http://example.org/*"
+Software\Policies\Mozilla\Firefox\WebsiteFilter\Block\1 = ""
+Software\Policies\Mozilla\Firefox\WebsiteFilter\Exceptions\1 = "http://example.org/*"
```
#### macOS
```