Manage Firefox with Group Policy
You’ve got Firefox and a large amount of users. How do you set up important, key settings like:
- Home page
- Update behavior
- Javascript behavior
- Encryption settings
- Privacy settings
… and just about every other Firefox setting.
Firefox itself has no native Group Policy support with ADM or ADMX files to control these key settings, what are you going to do? It’s true there are third party companies like Frontmotion which will repackage, modify and “re-sell” Firefox – each and every time an update is created. It’s also true they provide some ADM support with this modified software.
But there’s a better way – a much better way.
When you use PolicyPak and our Pre-configured PolicyPak for Firefox, you get to use the actual, unchanged real and genuine Firefox. You’re NOT using a re-packaged Firefox.
Full Group Policy lockdown and enforcementis available right now for all versions (current and future) of Firefox.It’s a better way to manage Firefox in your enterprise. Watch this video to see exactly how it’s done:
Our solution isn’t a mere “ADM” template, it’s a true Group Policy extension, with powerful management and lockdown capabilities. PolicyPak can deliver, lockdown and revoke Firefox settings – the way you need to using Group Policy.
Our PolicyPak software snaps-in to the Group Policy Editor and mimics the user interface of the Firefox application itself. You can set key settings like Home Page settings, like what is seen here:
'))
And you can manage how Firefox is updated, like what is seen here:
'))
With PolicyPak and the free Pre-Configured PolicyPak for Firefox, you get full control over Firefox, and granular control for each OU or users – using normal Group Policy controls.
Why wouldn’t you use it?
Besides, once you’re using PolicyPak to manage Firefox, you’ll also get to manage all your other enterprise desktop applications the same way:Java, WinZip, Acrobat, and any custom application you have. They’re 100% included – absolutely free.
It’s all included when you’re a PolicyPak Professional customer.
PolicyPak was designed by Group Policy MVP Jeremy Moskowitz – who “wrote the book” on Group Policy, runs GPanswers.com, and lives and breathes Group Policy and enterprise software deployments and desktop lockdown.
When you’re ready to get serious about managing Firefox today, and in the future, PolicyPak is ready for you.
Manage Firefox with Group Policy Video Transcript
Hi, this is Jeremy Moskowitz from PolicyPak Software.Today, we're going to learn how to use the preconfigured FirefoxPolicyPak. The FirefoxPolicyPakin this demonstration is in this ISO, but you might be downloading it separately off of PolicyPak.com. You can see here there's "Firefox." Inside the directory, you'll see the original XML, the source file that we used to create the PolicyPak and the preconfigured Firefox DLL.
This needs to go in "C:\Program Files\PolicyPak\Extensions"or "C:\Program Files (x86)\PolicyPak\Extensions" on 64-bit machines. You see I've already got it there, but this one's a little newer. So I'll go ahead and copy it over here and replace it if it already exists. Now I've got the latest version of Firefox on my machine.
What I'll go ahead and do is I will drill down under my "East Sales Users" here, and I'll "Create a GPO""FireFox Test GPO" here. Right click, go to "Edit..." here. pe down under "PolicyPak/Applications," and we'll go to "New/Application" and there's "Mozilla Firefox."
We'll also go ahead and click on "Tabs" here and, I don't know, just for fun even though these may not be things you really want to do, we'll go ahead and uncheck those checkboxes there as well. Maybe on "Security"we want to definitely "Warn" and "Block" these things.
So with the checkmark and the underline, that means we're delivering that setting. If the setting is underlined and no checkmark, that means we're actually delivering uncheck. So therefore if it is checked, we would be unchecking it. But that's not what we want to do. We want to actually deliver these settings here. So over here we're forcefully unchecking these settings, and over here we're forcefully checking those settings.
Let's go ahead and click "OK" here, and let's go ahead and log on. Now we're logged on to this machine here, but Firefox has never run. BecauseFirefox has never run before on this machine, we can't magically deliver the settings until Firefox has run at least one time. That is the one little trick about Firefox.
We'll go ahead and run Firefox one time here. We'll go ahead and set it as our default browser. You have to hit Alt to get that, by the way. So that's "Alt/Tools/Options." We'll see that the settings are not currently set. We haven't done anything yet here. We'll go ahead and prove that there's nothing set here yet. Go ahead and close this out.
Then we'll run GPUpdate or log off and log back on, getting the latest, greatest policy settings.BecauseFirefox has run before, everything is set up. All the directory structure is in place ready to go. It's changing the files we need changed. Our policy settings are being delivered, and now we can rerun Firefox and see the results.
We'll go to "Alt/T (for Tools)/Options" in Firefox. We'll go to the "General," and there it is. There's "www.test1.com" as we delivered. There's "Tabs." We've blanked all those entries out. Under "Security," we've forcefully checked these things.
If somebody does something they shouldn't do like uncheck those checkboxes or they set this up to "www.notwhatIwanted.com" - if somebody does something they shouldn't do, "OK" and they close this out, you don't even have to run GPUpdate. The very next time Firefox is run, if you go back to "Alt/Tools/Options," you'll see it's reset back to exactly what we want, "www.test1.com," and the settings are exactly how we want them too.
This Pak will work for Firefox 3 and later. That's about it. Quick and easy to use the Firefox Pak. Oh, let's do one more thing. Let's see what happens if the setting no longer applies. We did say to revert this back to the default when it no longer applies. Let's go ahead and check that out. Let's go ahead and close that. We'll have the GPO. We'll right click over it and uncheck "Link Enabled."
We could also if we were so inclined move the guy from sales to marketing and log off and log back on, but I've simply chosen to disable that Group Policy object. Now because that Group Policy object is disabled, the next time Group Policy applies, PolicyPak is going to do some magic and revert those settings back to the default values, the ones that we said. The only one we did say was the homepage.
So we go back to Firefox here. Go to Alt/Tools/Options, we can see it's about:blank, which is the default.Of course, you can always modify the Firefox Pak to your liking. If you don't like our default homepage of about:blank and you want to make it some differenthomepage, you are welcome to use the PolicyPak Design Studio to custom craft your own Firefox Pak based on the source that we provided.
That's it. That's how to use the Firefox PreConfigured Group Policy. I hope that's been informative. We'll see you soon in another video from PolicyPak Software.
Thanks.
