X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/e65189343aadb0423bc848f33d8d04a0a19b4c49..f35869400e9ad155aa0a5a506240623d53e4fe40:/windows/en-US/firefox.adml?ds=inline diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 46199be..c7eda8c 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -5,7 +5,8 @@ Microsoft Windows XP SP2 or later - Firefox 60 or later + Firefox 60 or later, Firefox 60 ESR or later + Firefox 62 or later, Firefox 60.2 ESR or later Firefox 60 ESR or later Firefox Permissions @@ -22,9 +23,13 @@ Allowed Sites Blocked Sites SPNEGO + URL for Firefox Updates + If this policy is enabled, you can set a URL to an other Updateserver than the default. This could be helpful, if you run your own Update-Server in your Network and the Clients have no direct access to the Internet and the Mozilla Update Server. + +If this policy is disabled or not configured, the default update Url is used. If this policy is enabled, the specified websites are permitted to engage in SPNEGO authentication with the browser. Entries in the list are formatted as mydomain.com or https://myotherdomain.com. -If this policy is disabled or not configured, No websites are permitted to engage in SPNEGO authentication with the browser. +If this policy is disabled or not configured, no websites are permitted to engage in SPNEGO authentication with the browser. For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication. Delegated @@ -36,39 +41,44 @@ For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integ NTLM If this policy is enabled, the specified websites are trusted to use NTLM authentification. Entries in the list are formatted as mydomain.com or https://myotherdomain.com. -If this policy is disabled or not configured, No websites are trusted to use NTLM authentification. +If this policy is disabled or not configured, no websites are trusted to use NTLM authentification. For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication. + Allow Non FQDN + If this policy is enabled, you can always allow SPNEGO or NTLM on non FQDNs (fully qualified domain names). + +If this policy is disabled or not configured, NTLM and SPNEGO are not enabled on non FQDNs. Block Add-ons Manager - If this policy is enabled, the user can not access the Add-ons Manager or about:addons. + If this policy is enabled, the user cannot access the Add-ons Manager or about:addons. If this policy is disabled or not configured, the user can access the Add-ons Manager and about:addons. Block about:config - If this policy is enabled, the user can not access about:config. + If this policy is enabled, the user cannot access about:config. If this policy is disabled or not configured, the user can access about:config. Block about:profiles - If this policy is enabled, the user can not access about:profiles. + If this policy is enabled, the user cannot access about:profiles. If this policy is disabled or not configured, the user can access about:profiles. Block Troubleshooting Information - If this policy is enabled, the user can not access Troubleshooting Information or about:support. + If this policy is enabled, the user cannot access Troubleshooting Information or about:support. If this policy is disabled or not configured, the user can access Troubleshooting Information and about:support. Disable Set Desktop Background - If this policy is enabled, the user can not set an image as their desktop background. + If this policy is enabled, the user cannot set an image as their desktop background. If this policy is disabled or not configured, users can set images as their desktop background. Import Enterprise Roots If this policy is enabled, Firefox will read certificates from the Windows certificate store. If this policy is disabled or not configured, Firefox will not read certificates from the Windows certificate store. + Disable Master Password Creation If this policy is enabled, users cannot create a master password. If this policy is disabled or not configured, users can create a master password. Disable Update - If this policy is enabled, the browser does not receive updates. + If this policy is enabled, the browser does not receive udpates. If this policy is disabled or not configured, the browser receives updates. Disable Built-in PDF Viewer (PDF.js) @@ -130,7 +140,7 @@ If this policy is disabled or not configured, safe mode is allowed. If this policy is disabled or not configured, certificate errors can be overridden. Prevent overriding safe browsing errors - If this policy is enabled, a user can not bypass the warning and visit a harmful site. + If this policy is enabled, a user cannot bypass the warning and visit a harmful site. If this policy is disabled or not configured, a user can choose to visit a harmful site. Disable System Addon Updates @@ -172,7 +182,7 @@ If this policy is disabled or not configured, no extensions are locked. Offer to save logins If this policy is enabled or not configured, Firefox will offer to save website logins and passwords. -If this policy is disabled, firefox will not offer to save website logins and passwords. +If this policy is disabled, Firefox will not offer to save website logins and passwords. If this policy is enabled, pop-up windows are always allowed for the origins indicated. If a top level domain is specified (http://example.org), pop-up windows are allowed for all subdomains as well. If this policy is disabled or not configured, the default pop-up policy is followed. @@ -181,7 +191,7 @@ If this policy is disabled or not configured, the default pop-up policy is follo If this policy is not configured or enabled, popups are not allowed from websites. Do not allow preferences to be changed - If this policy is enabled pop-up preferences cannot be changed by the user. + If this policy is enabled, pop-up preferences cannot be changed by the user. If this policy is disabled or not configured, the user can change their pop-up preferences. If this policy is enabled, add-ons are always allowed for the origins indicated unless add-on install is disabled. If a top level domain is specified (http://example.org), add-ons are allowed for all subdomains as well. @@ -213,13 +223,13 @@ This setting is ignored if this policy is disabled or not configured or if cooki This setting is ignored if this policy is disabled or not configured or if cookies are not allowed. Do not allow preferences to be changed - If this policy is enabled cookie preferences cannot be changed by the user. + If this policy is enabled, cookie preferences cannot be changed by the user. If this policy is disabled or not configured, the user can change their cookie preferences. If this policy is enabled, Flash is activated by default for the origins indicated unless Flash is completely disabled. If a top level domain is specified (http://example.org), Flash is allowed for all subdomains as well. If this policy is disabled or not configured, the default Flash policy is followed. - If this policy is enabled, Flash is blocked for the origins indicated. If a top level domain is specified (http://example.org), Flas is blocked from all subdomains as well. + If this policy is enabled, Flash is blocked for the origins indicated. If a top level domain is specified (http://example.org), Flash is blocked from all subdomains as well. If this policy is disabled or not configured, the default Flash policy is followed. Activate Flash on websites @@ -227,29 +237,29 @@ If this policy is disabled or not configured, the default Flash policy is follow If this policy is disabled, Flash is never activated on websites, even if they are in the specified in the Allow list. -If this policy is not configured Flash, Flash is click to play. +If this policy is not configured, Flash is click to play. Do not allow preferences to be changed - If this policy is enabled Flash preferences cannot be changed by the user. + If this policy is enabled, Flash preferences cannot be changed by the user. If this policy is disabled or not configured, the user can change their Flash preferences. Override the first run page If this policy is enabled, you can specify a URL to be used as the first run page. If you leave the URL blank, no first run page will be shown. -If this policy is disabled or not configured the first run page is displayed. +If this policy is disabled or not configured, the first run page is displayed. Override the upgrade page If this policy is enabled, you can specify a URL to be displayed after Firefox is updated. If you leave the URL blank, no upgrade page will be shown. -If this policy is disabled or not configured the upgrade is displayed. +If this policy is disabled or not configured, the upgrade is displayed. Clear all data when browser is closed If this policy is enabled, all data is cleared when Firefox is closed. This includes Browsing & Download History, Cookies, Active Logins, Cache, Form & Search History, Site Preferences and Offline Website Data. If this policy is disabled or not configured, data is not cleared when the browser is closed. Blocked websites - If this policy is enabled, you can specify match patterns that indicate sites to be blocked. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https accesses are supported at the moment. There is a 1000 entry limit.", + If this policy is enabled, you can specify match patterns that indicate sites to be blocked. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. If this policy is disabled or not configured, no websites are blocked. Exceptions to blocked websites - If this policy is enabled, and the website filter is enabled, you can specify match patterns for sites you do not want to block. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https accesses are supported at the moment. There is a 1000 entry limit.", + If this policy is enabled, and the website filter is enabled, you can specify match patterns for sites you do not want to block. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. If this policy is disabled or not configured, there are no exceptions to the website filter. Bookmark One @@ -259,7 +269,7 @@ If this policy is disabled or not configured, there are no exceptions to the web Bookmark Five If this policy is enabled, you can configure a bookmark be added to Firefox. Due to a bug, you must select the location. Note that you must specify the bookmarks in order. -If this policy is not configured or disabled, a new bookmark is not added. +If this policy is disabled or not configured, a new bookmark is not added. Toolbar Menu No Default Bookmarks @@ -303,7 +313,7 @@ If this policy is enabled, private browsing is enabled by default in both the br Search bar location If this policy is enabled, you can set whether the search bar is separate from the URL bar. -If this policy is not configured or disabled, new users get a unified search bar, users upgrading from Firefox 56 and below get a separate search bar. +If this policy is disabled or not configured, new users get a unified search bar, users upgrading from Firefox 56 and below get a separate search bar. Search Engine One Search Engine Two Search Engine Three @@ -311,24 +321,28 @@ If this policy is not configured or disabled, new users get a unified search bar Search Engine Five If this policy is enabled, you can configure a search engine to be added to Firefox. Use {searchTerms} to indicate where the search term is placed. Due to a bug, you must select the method (usually GET). Note that you must specify the search engines in order. -If this policy is not configured or disabled, a new search engine is not added. +If this policy is disabled or not configured, a new search engine is not added. Unified Separate GET POST Default Search Engine - If this policy is enabled, you can set type the name of a search engine to be used as the default. + If this policy is enabled, you can set the name of a search engine to be used as the default. -If this policy is not configured or disabled, the Firefox default engine is used. +If this policy is disabled or not configured, the Firefox default engine is used. Prevent Search Engine Installs If this policy is enabled, the user cannot install search engines from web page. -If this policy is not configured or disabled, search engines can be installed from web pages. +If this policy is disabled or not configured, search engines can be installed from web pages. + + Always allow NTLM on non FQDNs + Always allow SPNEGO on non FQDNs +