![]() Next, close and re-open Firefox for the settings to take effect. You should see registry keys created under HKLM/Software/Policies/Mozilla Enable Authentication/NTLM and Authentication/SPNEGO (-uris) and add the following URLs to both settings:Īpply the GPO and run gpupdate. Specops Authentication leverages NTLM and Kerberos. Specops uResetĮnable Authentication/NTLM and add to the URL list. ![]() If you are using a certificate issued by an internal CA, you can also enable the Certificates/Import Enterprise Roots setting (security.enterprise_roots.enabled) so Firefox will automatically use the Trusted Root Certificates from Windows. Specops Password ResetĮnable /Authentication/NTLM and add the address used by your users to access your internal SPR server (this corresponds to the -uris setting in Firefox). ![]() Now you can add settings that will enable Windows integrated authentication. You should now have a Mozilla/Firefox folder in your group policy editor under Computer Configuration/Administrative templates: Unzip the policy-templates.zip file from GitHub and copy the ADMX and ADML files to the appropriate location: If you have a central store, then copy the files to \\domain\sysvol\\policies\policydefinitions, otherwise copy the %windir%\policydefinitions on the machine where you’ll be editing your Firefox GPOs. The Group Policy ADMX templates are available to download from Mozilla’s GitHub page (get at least version 1.0): You will need to install the ESR (Extended Support Release) version of Firefox 60 in order to get full support for GPO settings, as the main release channel of Firefox ignores many of the settings. For customers using Specops uReset, Specops Authentication, or Specops Password Reset, this means you can now set up your Firefox users to take full advantage of integrated Windows authentication in these solutions. Mozilla recently launched Firefox 60, which now includes official support for configuration via Active Directory Group Policies.
0 Comments
Leave a Reply. |