Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

Group Policy Block Extensions

  • 1 отговор
  • 0 имат този проблем
  • 12 изгледи
  • Последен отговор от Mike Kaply

more options

Hello. I have trying to test a GPO this week that will lock down the use of extensions. In summary we are shifting to a complete "deny all/allow by exception format".

As a reference I have been using the below article as my source on how to set this up. https://github.com/mozilla/policy-templates#extensionsettings

After reading through the article the base example they have works flawlessly. I have put this base example below.


{

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://yourwebsite.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
 "https-everywhere@eff.org": {
   "installation_mode": "allowed"
 }

}


The minute I try to change it though the whole thing breaks. For context, I have tried adding 1 password as a forced installed add in, and also try placing it below under allowed. See my example below of the one where I am putting it is allowed. Any idea of what I am doing wrong?


{

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://yourwebsite.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
 "*": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi"
 }

}

Hello. I have trying to test a GPO this week that will lock down the use of extensions. In summary we are shifting to a complete "deny all/allow by exception format". As a reference I have been using the below article as my source on how to set this up. https://github.com/mozilla/policy-templates#extensionsettings After reading through the article the base example they have works flawlessly. I have put this base example below. { "*": { "blocked_install_message": "Custom error message.", "install_sources": ["https://yourwebsite.com/*"], "installation_mode": "blocked", "allowed_types": ["extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" }, "https-everywhere@eff.org": { "installation_mode": "allowed" } } The minute I try to change it though the whole thing breaks. For context, I have tried adding 1 password as a forced installed add in, and also try placing it below under allowed. See my example below of the one where I am putting it is allowed. Any idea of what I am doing wrong? { "*": { "blocked_install_message": "Custom error message.", "install_sources": ["https://yourwebsite.com/*"], "installation_mode": "blocked", "allowed_types": ["extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" }, "*": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi" } }

Всички отговори (1)

more options

You have two instances of "*". For the second instance, you need to know the ID of that addon.

It's {d634138d-c276-4fc8-924b-40a0ea21d284}

I was able to get that using an addon I built to query IDs:

https://github.com/mkaply/queryamoid/releases

In your "*" section, you can remove install_sources and allowed_types.

install_sources is only needed if you want to allow extensions from another locations. and allowed_types is only needed if you aren't blocking addons and want to allow other things.