Comments (6)
I'll try to find a good place for this, but for your info:
GPO always wins over policies.json.
Policy always wins over autoconfig.
I ran some tests and documented it here:
It is possible to do what you are asking.
Ship a policies.json with some level of configuration and then GPO will override.
GPO overrides individual policies, not everything, so they can be mixed.
from policy-templates.
@mkaply Do we have a detailed document about it now?
I think we should more extensively document the execution order, capabilities, and scope of impact of various configuration files to help people judge actual priorities.
For example policies
and autoconfig
support unlocking and locking prefs, while user.js
only affects a specific profile
, about:config
has the highest priority during the session but not unless that pref is not locked.
I've seen a list here, but it's far from detailed and official:
Priority
If there are contradictory configurations in different configuration files, the priority of the configuration files is as follows:
policies.json mozilla.cfg autoconfig.js local-settings.js user.js prefs.js
This means that configurations in the policies.json file will take precedence over configurations in the mozilla.cfg file, and so on. Configuration options set through the GUI or about:config page will take precedence over all other configuration files.
We should document everything in more detail to allow administrators to combine different configurations or to help users troubleshoot problems.
from policy-templates.
The only methods that we officially support for enterprise is policies.json and mozilla.cfg.
Anything else is use at your own risk. If you want to research this, feel free, but I won't be able to dedicate any bandwidth to it.
from policy-templates.
Okay, everyone researches and solves the problem on their own, repeating the same labor and getting maybe different answers, that always works for everyone right?
I believe this is what happens with all the "no sharing" and no official documentation, and yes, everyone is free to do everything at their own risk.
Why am I talking nonsense here. Sorry to bother everyone, I won't be back again.
from policy-templates.
There is official documentation for autoconfig and for policies. The other mechanisms have always been "use at your own risk"
I truly appreciate your input, but this is an extremely underfunded project.
from policy-templates.
All the issues I raise to do not asked you to do anything, invest time, energy or fund. But I'm really sorry for making you feel burdened and annoying.
I'll try to find a good place for this
Even with the comments in this issue, I'm just asking questions about your reply above and what I think about it.
You could answer that you never found a good place to add it, so people just need to "take a moment" to look through the issues.
I appreciate you taking the time to respond to my comment but not the question, and I don't think I'm worth your time.
There is official documentation for autoconfig and for policies.
Yes, people just have to figure out on their own all the things that are not covered in the documentation, priorities, order of execution, interactions...
This is a project about configuring Firefox policies. Recording the relationship and impact of other related configuration methods will be of great help to people using this project. This is the original intention of me proposing the idea.
Sorry, we don't have the time or fund to improve the documentation. For anything other than the documentation, you just need to do your own research and bear the risk.
The other mechanisms have always been "use at your own risk"
Maybe that's what's really missing from the documentation - a disclaimer.
from policy-templates.
Related Issues (20)
- EnableTrackingProtection should have an option to whether set it to strict or standard HOT 4
- Several bugs with settings.json HOT 11
- Failed to set `geo.enabled` HOT 3
- Allow configuration for "Enable DNS over HTTPS using:" in gpo
- AutoLaunchProtocolsFromOrigins does not seem to work HOT 3
- GPO Request for ManualAppUpdateOnly HOT 2
- Firefox View HOT 3
- Pin deployed bookmarks to the start of the bookmark toolbar? HOT 3
- Allow installation of Extensions and disabling it but not removing it? HOT 2
- MacOS Settings not reflecting on the devices. HOT 1
- https-only mode and https-only exceptions HOT 11
- Add policies Types for JavaScript/TypeScript project HOT 6
- Bug: DNSOverHTTPS policy ignores other settings when "Locked": true is used. HOT 4
- Remove deprecated keys in example templates? HOT 2
- Add more missing `Preferences` ? HOT 11
- Blocking `about:telemetry` should be set separately out of `DisableTelemetry`? HOT 2
- Dead link in document `Adding policy support to your extension` HOT 3
- GPO Wish: dom.block_download_insecure HOT 4
- `PasswordManagerEnabled` should also hide `Manage Passwords` menu
- About `runOncePerModification` policies HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from policy-templates.