This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

ImportEnterpriseRoots in policies.json working on most, but not all, windows computers with Firefox ESR 60.n.

  • 4 àwọn èsì
  • 1 ní ìṣòro yìí
  • 1 view
  • Èsì tí ó kẹ́hìn lọ́wọ́ Kenatureg

more options

I am testing using the policies.json file on our Windows 7/10 computers. Most of these computers have Firefox ESR 60.1 (32 bit) at least. The only entry in the json file is ImportEnterpriseRoots and it is set to true. This works fine on most of our computers, including all of my own test computers. The about:config shows security.enterprise_roots.enabled as locked, boolean, and true. However, on some computers, even though the distribution folder has been created and the policies.json file is in that folder the setting is apparently being ignored. The about:config is not showing that the security.enterprise_roots.enabled has been modified. What could be causing this issue? I do not know how to duplicate this issue.

I am testing using the policies.json file on our Windows 7/10 computers. Most of these computers have Firefox ESR 60.1 (32 bit) at least. The only entry in the json file is ImportEnterpriseRoots and it is set to true. This works fine on most of our computers, including all of my own test computers. The about:config shows security.enterprise_roots.enabled as locked, boolean, and true. However, on some computers, even though the distribution folder has been created and the policies.json file is in that folder the setting is apparently being ignored. The about:config is not showing that the security.enterprise_roots.enabled has been modified. What could be causing this issue? I do not know how to duplicate this issue.

Ọ̀nà àbáyọ tí a yàn

The first machine I looked at showed Enterprise Policies as inactive. It turns out that 32 and 64 bit Firefox were installed and 64 bit was the one pointed at by the desktop icon. Our default is 32 bit so I don't know why both were installed. The patch package only runs if it finds 32 bit Firefox. Another machine with the same issue had the same dual install. I will have to have a chat with our deployment group since both of these machines were recently imaged. This ticket can be closed. Not sure if clicking "Solved the problem" from a previous post will erase this reply so I won't attempt it. Thanks.

Ka ìdáhùn ni ìṣètò kíkà 👍 0

All Replies (4)

more options

Can you try this on the machine that is failing?

Go to about:config in the URL bar, right click and select "New->String". Add a string value called "browser.policies.loglevel" and set the value to "debug"

Then restart Firefox.

Open the browser Console (Ctrl+Shift+J) and there should be debug information about policies.

more options

Note that the "Help -> Troubleshooting Information" (about:support) page shows whether policies are active.

  • Enterprise Policies Active
more options

Thanks for the suggestions. Once I am able to get onto one of the failing machines I will give these a try.

more options

Ọ̀nà àbáyọ Tí a Yàn

The first machine I looked at showed Enterprise Policies as inactive. It turns out that 32 and 64 bit Firefox were installed and 64 bit was the one pointed at by the desktop icon. Our default is 32 bit so I don't know why both were installed. The patch package only runs if it finds 32 bit Firefox. Another machine with the same issue had the same dual install. I will have to have a chat with our deployment group since both of these machines were recently imaged. This ticket can be closed. Not sure if clicking "Solved the problem" from a previous post will erase this reply so I won't attempt it. Thanks.