firefox.adm + Firefox 5.0.1 + Group Policy for SSO
I am new to using the firefox.adm template, so I apologize in advance for any dumb questions.
We have a Microsoft Active Directory domain where some users have Firefox on their systems. We have existing Firefox policies that used the following templates: firefoxdefaults and firefoxlock. These existing GPOs did stuff like set the homepage and other simple things like that. They worked fine.
We are implementing some Single Sign-On (SSO) stuff and to do so you have to set the following settings in Firefox to true: network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris.
So I added the firefox.adm template to the GPO and then set the Computer Configuration\Policies\Administrative Templates\Mozilla Firefox/Default Settings/Mozilla Advanced Options/networkshow settings as needed. Applied the GPO and the registry keys at HKLM\SOFTWARE\Policies\Mozilla\lockPref are now set with our domain on the affected desktops. However when I go to about:config from within Firefox, the network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris settings do not have this setting.
What are we doing wrong? Thanks for any help.
We have a Microsoft Active Directory domain where some users have Firefox on their systems. We have existing Firefox policies that used the following templates: firefoxdefaults and firefoxlock. These existing GPOs did stuff like set the homepage and other simple things like that. They worked fine.
We are implementing some Single Sign-On (SSO) stuff and to do so you have to set the following settings in Firefox to true: network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris.
So I added the firefox.adm template to the GPO and then set the Computer Configuration\Policies\Administrative Templates\Mozilla Firefox/Default Settings/Mozilla Advanced Options/networkshow settings as needed. Applied the GPO and the registry keys at HKLM\SOFTWARE\Policies\Mozilla\lockPref are now set with our domain on the affected desktops. However when I go to about:config from within Firefox, the network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris settings do not have this setting.
What are we doing wrong? Thanks for any help.
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Have you run the Group Policy Results Wizard against a machine that is supposed to have the policy?
- DraconPern
- Site Admin
- Posts:1218
- Joined:Thu Oct 30, 2003 11:47 pm
- Location:Texas
- Contact:
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Did you mean Firefox 15.0.1 or 5.0.1?
FrontMotion Lead Developer
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Mozilla Firefox 5.0.1, not 15.0.1. Yes, I know it's a very old version, but it's our current corporate build.DraconPern wrote:Did you mean Firefox 15.0.1 or 5.0.1?
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Yes, I've run RSOP against the workstation, and it is indeed receiving the correct GPO. The GPO shows "Firefox Computer Policy" as applying. Additionally, the "Mozilla Firefox/Locked Settings/Mozilla Advanced Options/network" has both network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris set to enabled, and the winning GPO listed as Firefox Computer Policy. All this is as expected, since the the registry keys that this GPO sets (HKLM\SOFTWARE\Policies\Mozilla\lockPref) are set to enabled with our domain listed.Curtis wrote:Have you run the Group Policy Results Wizard against a machine that is supposed to have the policy?
The GPO is working, but Firefox is not getting the updated settings. When I go to about:config the settings are not showing up. This is the problem.
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
So nobody has any ideas on this one?
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Try using FrontMotion CE 20. If it works then maybe those policies weren't supported way back in mid 2011.
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Just thought I would update with what fixed the problem. I updated to our latest corporate approved build of 8.0.1 and the settings are now showing as they should. So it looks like the Firefox adm that we were using did not support the older version.
- DraconPern
- Site Admin
- Posts:1218
- Joined:Thu Oct 30, 2003 11:47 pm
- Location:Texas
- Contact:
Re: firefox.adm + Firefox 5.0.1 + Group Policy for SSO
Ah, there wasn't a CE version for 5.0.1. The first one was 8.0.1.
FrontMotion Lead Developer