Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

DisableAppUpdate in policies.json doesn't work

  • 4
  • 1 nwere nsogbu anwere nsogbu a
  • 5 views
  • Nzaghachi ikpeazụ nke KRDibble

more options

I am trying to implement a policies.json file in 32-bit Firefox 78.6.1 ESR on Windows 10 Pro 64-bit. With Firefox not running, I have created a distribution folder as follows:

C:\Program Files(x86)\Mozilla Firefox\distribution

The folder contains a policies.json file with the following script:

{

 "policies": {
 "DisableAppUpdate": true
 }

}

There are no Registry settings concerning this on my computer. Although the computer is joined to a domain, there are no Firefox GPOs in place.

When I run Firefox I do not get any error messages. about:support indicates that the Enterprise policies are active. about:policies only lists a certificate policy; DisableAppUpdate does not appear there. in the Options menu I see "Your browser is being managed by your organization" at the top, but in the Firefox Updates section I still have the two items:

Automatically install updates (recommended) Check for updates but let you choose to install them

The second option is checked.

After creating the policies.json file I expected to see nothing in the Firefox Updates section except a message stating updates have been disabled, and I expected to see DisableAppUpdates listed in about:policies.

What am I doing wrong?

Thanks.

I am trying to implement a policies.json file in 32-bit Firefox 78.6.1 ESR on Windows 10 Pro 64-bit. With Firefox not running, I have created a distribution folder as follows: C:\Program Files(x86)\Mozilla Firefox\distribution The folder contains a policies.json file with the following script: { "policies": { "DisableAppUpdate": true } } There are no Registry settings concerning this on my computer. Although the computer is joined to a domain, there are no Firefox GPOs in place. When I run Firefox I do not get any error messages. about:support indicates that the Enterprise policies are active. about:policies only lists a certificate policy; DisableAppUpdate does not appear there. in the Options menu I see "Your browser is being managed by your organization" at the top, but in the Firefox Updates section I still have the two items: Automatically install updates (recommended) Check for updates but let you choose to install them The second option is checked. After creating the policies.json file I expected to see nothing in the Firefox Updates section except a message stating updates have been disabled, and I expected to see DisableAppUpdates listed in about:policies. What am I doing wrong? Thanks.

All Replies (4)

more options

If there is a certificate policy listed, but nothing is present in policies.json then it is likely that there are still GPO rules active.

Did you check GPO on bot HKLM and HKCU ?

You can inspect the Mozilla and Firefox keys with the Windows Registry Editor in HKEY_LOCAL_MACHINE and in HKEY_CURRENT_USER with the Windows Registry Editor to see whether GPO policy rules are active.

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\
  • HKEY_CURRENT_USER\SOFTWARE\Policies\Mozilla\Firefox\

Note that the mere presence of the "Mozilla\Firefox\" key is sufficient to make Firefox display this notification, so if you have the Firefox key then remove it and only leave the Mozilla key or remove this key as well if it is empty.

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ =>
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\
more options

Thank you.

HKCU\Software\Policies contains no Mozilla node so we're good there.

HKLM\Software\Policies\Mozilla\Firefox\ contains an \Extensions node and a \NativeMessagingHosts node. The latter is essentially empty but the former contains entries for Foxit PhantomPDF. I am concerned about deleting nodes that contain keys. What happens to those extensions if I remove \Firefox\Extensions? (I also have the New Tab Homepage extension but it doesn't seem to have registry key in that location. I don't know what other users for whom I want to implement this may have installed however.)

more options

You can leave that node.

I'm curious where that certificate policy is coming from if it doesn't come from the registry and your policies.json file doesn't contain it.

You did make sure that policies.json doesn't have a hidden .txt file extension (policies.json.txt) ?

more options

The policy in about:policies is:

Certificates ImportEnterpriseRoots true

I thought that was something that came with setting Enterprise Polices to Active (which I did not do; it was already set that way) and was required in order for the policies.json file to work. It's not in my policies.json file.

I don't see any GPOs referencing Mozilla or Firefox on the domain controller--and I didn't expect to because I have never installed an admx for Firefox there.

What else can I try?

Thanks.