X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/8eeb0097159d76bbbdc0dc36d9a6c488a0c10a38..867f28814be78428f3de7f961752819597b7af1e:/README.md diff --git a/README.md b/README.md index c3341ff..e8af2a7 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,3 @@ -**These policies are in active development and so might contain changes that do not work with current versions of Firefox.** - -**You should use the [officially released versions](https://github.com/mozilla/policy-templates/releases) if you are deploying changes.** - Policies can be specified using the [Group Policy templates on Windows](https://github.com/mozilla/policy-templates/tree/master/windows), [Intune on Windows](https://support.mozilla.org/kb/managing-firefox-intune), [configuration profiles on macOS](https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`. On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution or you can specify system-wide policy by placing the file in `/etc/firefox/policies`. | Policy Name | Description @@ -90,10 +86,10 @@ Policies can be specified using the [Group Policy templates on Windows](https:// | **[`SanitizeOnShutdown` (Selective)](#sanitizeonshutdown-selective)** | Clear data on shutdown. | **[`SearchBar`](#searchbar)** | Set whether or not search bar is displayed. | **[`SearchEngines`](#searchengines-this-policy-is-only-available-on-the-esr)** | +| **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines. | **[`SearchEngines -> Default`](#searchengines--default)** | Set the default search engine. | **[`SearchEngines -> PreventInstalls`](#searchengines--preventinstalls)** | Prevent installing search engines from webpages. | **[`SearchEngines -> Remove`](#searchengines--remove)** | Hide built-in search engines. -| **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines. | **[`SearchSuggestEnabled`](#searchsuggestenabled)** | Enable search suggestions. | **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules. | **[`ShowHomeButton`](#showhomebutton)** | Show the home button on the toolbar. @@ -108,86 +104,86 @@ Policies can be specified using the [Group Policy templates on Windows](https:// Allow WebExtensions to configure policy. For more information, see [Adding policy support to your extension](https://extensionworkshop.com/documentation/enterprise/adding-policy-support-to-your-extension/). -### AppAutoUpdate - -Enable or disable **automatic** application update. +### AllowedDomainsForApps -If set to true, application updates are installed without user approval within Firefox. The operating system might still require approval. +Define domains allowed to access Google Workspace. -If set to false, application updates are downloaded but the user can choose when to install the update. +This policy is based on the [Chrome policy](https://chromeenterprise.google/policies/#AllowedDomainsForApps) of the same name. -If you have disabled updates via `DisableAppUpdate`, this policy has no effect. +If this policy is enabled, users can only access Google Workspace using accounts from the specified domains. If you want to allow Gmail, you can add ```consumer_accounts``` to the list. -**Compatibility:** Firefox 75, Firefox ESR 68.7\ +**Compatibility:** Firefox 89, Firefox ESR 78.11\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** `app.update.auto` +**Preferences Affected:** N/A #### Windows (GPO) ``` -Software\Policies\Mozilla\Firefox\AppAutoUpdate = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\AllowedDomainsForApps = "managedfirefox.com,example.com" ``` #### Windows (Intune) OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppAutoUpdate +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AllowedDomainsForApps ``` Value (string): ``` - or + + ``` #### macOS ``` - AppAutoUpdate - | + AllowedDomainsForApps + managedfirefox.com,example.com ``` #### policies.json ``` { "policies": { - "AppAutoUpdate": true | false + "AllowedDomainsForApps": "managedfirefox.com,example.com" } } ``` -### AllowedDomainsForApps +### AppAutoUpdate -Define domains allowed to access Google Workspace. +Enable or disable **automatic** application update. -This policy is based on the [Chrome policy](https://chromeenterprise.google/policies/#AllowedDomainsForApps) of the same name. +If set to true, application updates are installed without user approval within Firefox. The operating system might still require approval. -If this policy is enabled, users can only access Google Workspace using accounts from the specified domains. If you want to allow Gmail, you can add ```consumer_accounts``` to the list. +If set to false, application updates are downloaded but the user can choose when to install the update. -**Compatibility:** Firefox 89, Firefox ESR 78.11\ +If you have disabled updates via `DisableAppUpdate`, this policy has no effect. + +**Compatibility:** Firefox 75, Firefox ESR 68.7\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** N/A +**Preferences Affected:** `app.update.auto` #### Windows (GPO) ``` -Software\Policies\Mozilla\Firefox\AllowedDomainsForApps = "managedfirefox.com,example.com" +Software\Policies\Mozilla\Firefox\AppAutoUpdate = 0x1 | 0x0 ``` #### Windows (Intune) OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AllowedDomainsForApps +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppAutoUpdate ``` Value (string): ``` - - + or ``` #### macOS ``` - AllowedDomainsForApps - managedfirefox.com,example.com + AppAutoUpdate + | ``` #### policies.json ``` { "policies": { - "AllowedDomainsForApps": "managedfirefox.com,example.com" + "AppAutoUpdate": true | false } } ``` @@ -4229,7 +4225,7 @@ as well as the following security preferences: | security.tls.version.enable-deprecated | boolean | false |     If true, browser will accept TLS 1.0. and TLS 1.1 (Firefox 86, Firefox 78.8). | security.warn_submit_secure_to_insecure | boolean | true -|     If false, no warning is shown when submitting s form from https to http. +|     If false, no warning is shown when submitting a form from https to http.   Using the preference as the key, set the `Value` to the corresponding preference value. @@ -5454,7 +5450,7 @@ Prevent Firefox from messaging the user in certain situations. `ExtensionRecommendations` If false, don't recommend extensions while the user is visiting web pages. -`FeatureRecommendations` IF false, don't recommend browser features. +`FeatureRecommendations` If false, don't recommend browser features. `UrlbarInterventions` If false, Don't offer Firefox specific suggestions in the URL bar.