Firefox polices deployments from Intune
Dears, Based on your documentation on https://github.com/mozilla/policy-templates/blob/master/README.md#extensionsettings I am not able to successfully deliver setting to firefox app via Intune OMA-URI. Can you check this on your side and help?
ExtensionSettings [./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings] Error -2016281112
Summary
Session ID
68f1c5af4fb3404789cf
Resource ID
Not available
Extension
Microsoft_Intune_DeviceSettings
Content
PolicyReportSettingDetailBlade
Error code
404
Thank you very much
Alle svar (6)
That usually means an XML error. Can you post your value for Extension settings? Or send it to me?
Thank you Mike for replay. I used directly copied setting from your documentation I used copy icon on the corner in your document for eliminate typo from my end.
Windows (Intune) OMA-URI:
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettings Value (string):
<enabled/>
<data id="ExtensionSettings" value='
{
"*": { "blocked_install_message": "Custom error message.", "install_sources": ["https://yourwebsite.com/*"], "installation_mode": "blocked", "allowed_types": ["extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" }, "https-everywhere@eff.org": { "installation_mode": "allowed" }
}'/>
Another way how to managed Firefox is implement admx to Intune directly It is documented on this web https://learn.microsoft.com/en-us/mem/intune/configuration/administrative-templates-import-custom
but again there is a issue ( I do not know on MS or Mozilla side) ExtensionSettings has limit of the 1024 characters. and looks like field structure allow another field.
Looks like there is no current way how marred Firefox with Intune.
I have reported this to Microsoft multiple times and they haven't fixed it.
I'm using a REG_MULTI_SZ so in GPO it's a multiline entry field which I think it should be here. They've chosen to do multiple entry fields.
The work around is to put each line of the JSON on it's own line and it should keep adding entry fields.
I'm looking at creating a special entry in the GPO to handle this and you'll have to paste everything as one line (the same as Chrome).
I've verified that adding an extra entry to the GPO for a single line allows this. This will be included in the next policy updates in a couple weeks.
FYI, My new policy templates have a "one line JSON" option.