Jamf Nation Community

Except the folder inside the Profiles directory that you mention: "a4bzd5bm.default"
thats a salted name that is randomly generated. It will be different in each users home directory, unless you are pushing it out via the system user template.

I looked in the CCK2, I don't think you can set those settings there, that would be the place to do it though. But perhaps you manually update the autoconfig files after creating them with the CCK and then deploy it that way.

@cervegnano What you need to do is the following.

Step 1) Open up applications folder and go to the Firefox.app and right click "show contents'
Step 2) create the file: /Applications/Firefox.app/Contents/Resources/defaults/pref/all.js
Step 3) inside of the folder you want add the following:

// MyOrganization additions
pref("general.config.obscure_value", 0);
pref("general.config.filename", "firefox.cfg");

Step 4) Inside of /Applications/Firefox.app/Contents/Resources/ create firefox.cfg or whatever you named the file in the all.js you created.

Step 5) Inside of the firefox.cfg file, you will want to create a structure simpler to the following:(*Note: I have chose to use lockpref as it will lock the preference from the user being able to change it in about:config, if you do not use lock in front of pref, the user can still change it)

// This file sets some lockPrefs for use at MyOrganization
// and locks down some other lockPrefs.
// set proxy config
pref("network.proxy.autoconfig_url", "http://www.myorg.org/auto.proxy");
pref("network.proxy.type", 2);
// disable application updates
lockPref("app.update.enabled", false);
lockPref("app.update.autoUpdateEnabled", false);
lockPref("extensions.update.enabled", false);
lockPref("extensions.update.autoUpdate", false);
lockPref("browser.search.update", false);
// disable default browser check
lockPref("browser.shell.checkDefaultBrowser", false);
lockPref("accessibility.typeaheadfind.flashBar", 0);
lockPref("app.update.auto", false);
lockPref("app.update.enabled", false);
lockPref("app.update.lastUpdateTime.addon-background-update-timer", 1398797123);
lockPref("app.update.lastUpdateTime.background-update-timer", 1398862645);
lockPref("app.update.lastUpdateTime.blocklist-background-update-timer", 1398797243);
lockPref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1398862395);
lockPref("app.update.lastUpdateTime.datareporting-healthreport-lastDailyCollection", 0);
lockPref("app.update.lastUpdateTime.search-engine-update-timer", 1398862525);
lockPref("browser.bookmarks.restore_default_bookmarks", false);
lockPref("browser.cache.disk.capacity", 358400);
lockPref("browser.cache.disk.smart_size.first_run", false);
lockPref("browser.cache.disk.smart_size.use_old_max", false);
lockPref("browser.cache.disk.smart_size_cached_value", 358400);
lockPref("browser.download.importedFromSqlite", true);
lockPref("browser.migration.version", 22);
lockPref("browser.newtabpage.storageVersion", 1);
lockPref("browser.pagethumbnails.storage_version", 3);
lockPref("browser.places.smartBookmarksVersion", 6);
lockPref("browser.lockPreferences.advanced.selectedTabIndex", 4);
lockPref("browser.rights.3.shown", true);
lockPref("browser.sessionstore.upgradeBackup.latestBuildID", "20140421221237");
lockPref("browser.shell.checkDefaultBrowser", false);
lockPref("browser.slowStartup.averageTime", 1417);
lockPref("browser.slowStartup.samples", 4);
lockPref("browser.startup.homepage_override.buildID", "20140421221237");
lockPref("browser.startup.homepage_override.mstone", "ignore");
lockPref("browser.uitour.whitelist.add.260", "");
lockPref("dom.mozApps.used", true);
lockPref("extensions.blocklist.pingCountTotal", 2);
lockPref("extensions.blocklist.pingCountVersion", -1);
lockPref("extensions.bootstrappedAddons", "{}");
lockPref("extensions.databaseSchema", 16);
lockPref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0");
lockPref("extensions.getAddons.databaseSchema", 5);
lockPref("extensions.hotfix.lastVersion", "20140319.01");
lockPref("extensions.installCache", "[{"name":"app-global","addons":{"{972ce4c6-7e08-4474-a285-3208198ce6fd}":{"descriptor":"/Applications/Firefox.app/Contents/MacOS/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}","mtime":1398978259000,"rdfTime":1398148430000}}}]");
lockPref("extensions.lastAppVersion", "29.0");
lockPref("extensions.lastPlatformVersion", "29.0");
lockPref("extensions.pendingOperations", false);
lockPref("extensions.shownSelectionUI", true);
lockPref("gecko.buildID", "20140421221237");
lockPref("gecko.mstone", "29.0");
lockPref("idle.lastDailyNotification", 1398800539);
lockPref("intl.charsetmenu.browser.cache", "windows-1252, UTF-8");
lockPref("network.cookie.lockPrefsMigrated", true);
lockPref("pdfjs.migrationVersion", 1);
lockPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
lockPref("pdfjs.previousHandler.lockPreferredAction", 4);
lockPref("places.database.lastMaintenance", 1398698965);
lockPref("places.history.expiration.transient_current_max_pages", 104858);
lockPref("plugin.disable_full_page_plugin_for_types", "application/pdf");
lockPref("plugin.importedState", true);
lockPref("privacy.sanitize.migrateFx3lockPrefs", true);
lockPref("security.OCSP.enabled", 2);
lockPref("security.OCSP.require", true);
lockPref("services.sync.clients.lastSync", "0");
lockPref("services.sync.clients.lastSyncLocal", "0");
lockPref("services.sync.declinedEngines", "");
lockPref("services.sync.globalScore", 0);
lockPref("services.sync.lastversion", "1.29.0");
lockPref("services.sync.migrated", true);
lockPref("services.sync.nextSync", 0);
lockPref("services.sync.tabs.lastSync", "0");

All settings that are about:config can be managed in here. If you want to make sure the user cannot change the settings, just change the permissions on the file.

Another option that builds on what @GaToRAiD has posted above is to use the CCK 2 tool, developed to help customise Firefox (ideally for education / enterprise environments).

Developer's site: http://mike.kaply.com
Blog Post I've written on using it: http://www.amsys.co.uk/2015/blog/changes-cck-2-usage-firefox-35/#.VON05UK2_fY

Hope that helps!

Darren

@GaToRAiD

Thanks for this. For deployment, did you repackage FF? or where did you place these files?

@daz_wallace For deployment, did you repackage FF? or where did you place these files? for the CCK2, does it cover all settings? I am looking to deploy network.negotiate-auth.allow-non-fqdn

Hey @wmateo

I used @gregneagle's awesome AutoPKG recipe.

Check out some more info here

Hope that helps!

Darren

I scripted the entire process. I ran into an issue where updating it while Firefox was open caused the setting not to save. (although Firefox's text file says it'll be updated the next time the app is closed and restarted.) To get around this, I utilized the jamfhelper pop-up to notify users they need to click "Update" to close Firefox to make the change.

Alternatively, you can have it deploy at login/logoff if you don't want to disrupt the user.

This script will also import the settings into the default Firefox profile so if a new profile is created, the settings will carry over.

#!/bin/bash

## Variables
currentuser=`stat -f "%Su" /dev/console`

## Modify Firefox template so if a new Firefox profile loads, the settings will carry over

if [ ! -e /Applications/Firefox.app ]; then
    echo "Firefox Not Installed"; else
echo "pref("general.config.filename", "firefox.cfg");" >> /Applications/Firefox.app/Contents/Resources/defaults/pref/all.js
echo "pref("general.config.obscure_value", 0);" >> /Applications/Firefox.app/Contents/Resources/defaults/pref/all.js

echo pref("network.automatic-ntlm-auth.trusted-uris", "*TrustedSite.com"); >> /Applications/Firefox.app/Contents/Resources/firefox.cfg
echo pref("network.negotiate-auth.trusted-uris", "*TrustedSite.com"); >> /Applications/Firefox.app/Contents/Resources/firefox.cfg

fi

## Modify Firefox settings 
## Firefox needs to be closed to make the changes

PROCESS=Firefox
number=$(ps aux | grep $PROCESS | wc -l)

if [ $number -ge 2 ]
    then
        echo "Firefox Running. Prompt user to close Firefox to Continue"
        # Prompt to close FireFox

TITLE="Firefox Update Required"
MSG="Click Update button to close Firefox. Update takes 15 seconds and will not restart your computer"

POPUP=`/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -title "$TITLE" -description "$MSG" -button1 "Update" -icon /Library/LC/Logo.icns` 
    if [ "$POPUP" == "0" ]; then
        # CLOSE FIREFOX
        killall "firefox"
        # Update configuration file
echo user_pref("network.automatic-ntlm-auth.trusted-uris", "*TrustedSite.com"); >> /Users/$currentuser/Library/Application Support/Firefox/Profiles/*.default*/prefs.js
echo user_pref("network.negotiate-auth.trusted-uris", "*TrustedSite.com"); >> /Users/$currentuser/Library/Application Support/Firefox/Profiles/*.default*/prefs.js
        # Relaunch Firefox
        open -a Firefox.app
     fi
fi

if [ $number == 1 ]; then
        #Firefox not open. Update configuration file    
echo user_pref("network.automatic-ntlm-auth.trusted-uris", "*TrustedSite.com"); >> /Users/$currentuser/Library/Application Support/Firefox/Profiles/*.default*/prefs.js
echo user_pref("network.negotiate-auth.trusted-uris", "*TrustedSite.com"); >> /Users/$currentuser/Library/Application Support/Firefox/Profiles/*.default*/prefs.js


fi

exit 0