搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Configurer MF with Intune MDM (admx/ OMA-URI)

  • 9 个回答
  • 3 人有此问题
  • 1 次查看
  • 最后回复者为 Mike Kaply

more options

Hi, In my compagny, we want to configure MF with Intune MDM. Unfortunately, we have some problem to set the homepage. We use the last version of MF and admx file but we get an error when we set up the parameters.

Hi, In my compagny, we want to configure MF with Intune MDM. Unfortunately, we have some problem to set the homepage. We use the last version of MF and admx file but we get an error when we set up the parameters.
已附加屏幕截图

被采纳的解决方案

I have an answer for you!

OMA URI is:

./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageURL

(assuming you used ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Firefox/Policy/FirefoxAdmx as the OMA-URI when importing the ADMX file)

Set the value to string and enter:

<enabled/>

<data id="HomepageURL" value="https://www.mozilla.org"/> and optionally <data id="HomepageLocked" value="true"/>

Now that I know how all of this works, I'll be working on Intune documentation.

定位到答案原位置 👍 0

所有回复 (9)

more options

Any news about this problem ?

more options

What errror specifically? Did you put the protocol in front of the homepage?

http://homepage.com

Is there an error on about:policies?

more options

Hello,

Yes we put the protocol in front of the homepage example : <data id="URL" value="https://domain.com/default.aspx/" />

We have the error "0x87d1fde8" in Intune MDM (it's the common error for bad OMA-URI settings).

We havn't this policies on "about:policies" (because Intune get an error when it tries to apply it).

由MattD于修改

more options

Just wanted to let you know I'm trying to get an account to test/debug this.

more options

选择的解决方案

I have an answer for you!

OMA URI is:

./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageURL

(assuming you used ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Firefox/Policy/FirefoxAdmx as the OMA-URI when importing the ADMX file)

Set the value to string and enter:

<enabled/>

<data id="HomepageURL" value="https://www.mozilla.org"/> and optionally <data id="HomepageLocked" value="true"/>

Now that I know how all of this works, I'll be working on Intune documentation.

more options

Hi Everyone,

I'm trying to configure an addon whitelist for firefox in my organization and having trouble translating from GPO format (json) to the value format (SyncML data).

According to the firefox policy documentation this can be done using the https://github.com/mozilla/policy-templates#extensionsettings policy which specifies an example windows GPO json:

Software\Policies\Mozilla\Firefox\ExtensionSettings (REG_MULTI_SZ) = {

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://addons.mozilla.org/"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 }

}

Now looking in the ADMX I find:

<policy name="ExtensionSettings" class="Both" displayName="$(string.ExtensionSettings)" key="Software\Policies\Mozilla\Firefox" explainText="$(string.ExtensionSettings_Explain)" presentation="$(presentation.ExtensionSettings)">">

     <parentCategory ref="Extensions"/>
     <supportedOn ref="SUPPORTED_FF69"/>
     <elements>
       <multiText id="ExtensionSettings" valueName="ExtensionSettings"  maxLength="2048"/>
     </elements>
   </policy>

from which I understand that I need to specify a data element with the id ExtensionSetting in Intune. Something like this:

<data id="ExtensionSettings" value="*cfhdojbkjhnklbpkdaibdccddilifddb2ndjpnladcallmjemlbaebfadecfhkepb"/>

The problem is I have no idea how to specify a dictionary within the value property as described in the dicumentation (https://github.com/mozilla/policy-templates#extensionsettings) "The configuration for each extension is another dictionary that can contain the fields documented below."

How can I transform the GPO json to XML that I can enter as the value for this policy setting?

more options

You should just do a string value and put the JSON in the string value as you indicated.

The dictionary terminology is only referring to the JSON syntax.

I'm in the process of creating Intune documentation for all this and should have something soon.

more options

Mike Kaply said

You should just do a string value and put the JSON in the string value as you indicated. The dictionary terminology is only referring to the JSON syntax. I'm in the process of creating Intune documentation for all this and should have something soon.

That would be awesome. This is what the sring value for ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~extensions/ExtensionSettings looks like now:

<data id="ExtensionSettings" value=""*": {

   "blocked_install_message": "Contact IT for extension installation.",
   "installation_mode": "blocked",
 },
 "ced9def2-2d86-4a1b-a9eb-29e2f3c9eb48": {
   "installation_mode": "allowed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/file/3465376/adblock_pro-2.0.3-an+fx.xpi"
 }"/>

I'm also trying to set a few policies but all of them are failing. The only thing that Intune is successfully deploying is the ADMX itself ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/MozillaFirefox/Policy/FirefoxADMX

The other plolicies are:

Preventing application updated from being disabled: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableAppUpdate

string value: <disabled/>

Forcing extension updates: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~extensions/ExtensionUpdate

string value: <enabled/>

Not sure why they'd be failing to deploy.

more options

So if you search on intune here:

https://github.com/mozilla/policy-templates/blob/intune/README.md

You'll see a few of the oma values I've started putting together.

I'm betting your extensionSettings problem is related to the double quotes? I'll try to get some testing done on this.