I published mozilla on CTX and have no issues when using the default config. As I need to lockdown the config for the end-users, I created an autoconfig.js file and a mozilla.cfg file. The cfg file or the autoconfig.js does not seem to load. Firefox Home Content These settings allow you to hide or display features of the default Firefox homepage or New Tab page, including Web Search, Top Sites, Recommended by Pocket, Snippets from Mozilla and Highlights. For more information about these features, see About the New Tab page and Customize the New Tab page. GPO - Mozilla Firefox configuration Would you like to learn how to use a group policy to configure the Mozilla Firefox browser? In this tutorial, we will show you how to create a group policy to manage the Mozilla Firefox configuration automatically on all computers in the domain. Mozilla Configuration Modern Services with clients that support TLS 1.3 and don't need backward compatibility Intermediate General-purpose servers with a variety of clients, recommended for almost all systems Old Compatible with a number of very old clients, and should be used only as a last resort.

Mozilla Autoconfig (aka. Mission Control) allows administratorsto centralize configuration and management of Mozilla Firefox. Settings specified via autoconfig can be changed at any time and areautomatically applied when Mozilla Firefox starts up.

Autoconfig configuration files are Javascript files(aka ECMAScript). The file(s) are executed on Firefox startup, and any preferences they specify are applied toFirefox. Autoconfig provides a set of Pref APIcalls to manage preferences. In addition, most standard Javascriptlanguage features are supported, excluding DOM items. Furthermore, many MozillaXPCOM componentsand interfaces can be used in config files.

Prefs API

Autoconfig provides a set of javascript Pref APIsto help manage preferences. The following functions are available:

functiongetPrefBranch()

Gets the root of the preferences tree.

functionpref(prefName, value)

Sets the currentvalue of the preference to the specified value.

functiondefaultPref(prefName, value)

Makes the specified value the default value for a preference.

functionlockPref(prefName, value)

Locks a preference to the specified value. Users cannot change locked preferences.

functionunlockPref(prefName)

Unlocks a preference that was previously locked.

functiongetPref(prefName)

Gets the value of the specified preference.

functionsetLDAPVersion(version)

Sets the LDAP version used by the server. (Requires LDAP support)

functiongetLDAPAttributes(host, base, filter, attribs)

Gets LDAP attributes from the given server. (Requires LDAP support)

functiongetLDAPValue(str, key)

Gets the LDAP value for a given string, filtered by the key. (Requires LDAP support)

functiondisplayError(funcname, message)

Pops up a dialog box containing an error message when Firefox is started.

functiongetenv(name)

Gets the value of the specified environment variable from the user's environment.

XPCOM API

You can also manipulate prefs using MozillaXPCOM. In particular, thensIPrefandnsIPrefBranchinterfaces provide a variety of methods for manipulating preferences. You cancall any of the listed functions from Javascript, provided that it's definitionis not preceeded by the [noscript] tag. To createan interface object in Javascript, use the following code:

You can then call functions provided by that interface:

Note that XPCOM isn't limited to prefs manipulation. XPCOM provides access tomost of Firefox's functionality, including most of the internal C functions.

Administrative Preferences

Several preferences control the behavior of Mozilla Autoconfig. For a complete list, check the Admin Section of the Mozilla Preferences Manual.

The following procedure can be used to setup Autoconfig:

1. Ensure Autoconfig is Enabled

For autoconfig to work, autoconfig support must be enabledduring the build process. The current official Firefoxbuilds have it enabled by default, so you shouldn't need tobuild Firefox yourself in most cases.

If you are building Firefox yourself, you'll need toensure that autoconfig is enabled. autoconfig codeis part of the prefextension. So you will have to add the option:

To your .mozconfig file. To check whether a given Firefoxbinary includes the pref extension, go to theabout:buildconfig page in thebrowser. If you see pref in the list of enabled extensions,you're all set.

If you plan on using LDAPas part of your configuration process, you will need to use a build that has LDAP support compiled in. LDAP support is enabled by default in thecurrent official Firefox builds.

If you are building Firefoxyourself, you should ensure that the

option is not present in the .mozconfig file youuse to build Firefox.

NOTE: the getLDAP*() functions will fail if LDAP support isnot compiled into your build.

For informantion on how to build Firefox, check out theMozilla Build documentationand the Firefox Build Documentation. The Mozilla Build Configuratorcan help generate the .mozconfig file for your build.

2. Edit all.js

The greprefs/all.js file contains preferences that control the behavior and configuration of the Gecko Runtime Environment (GRE). For the purposes of autoconfig, there are two preferences that must be set inall.js --general.config.filenameand general.config.obscure_value.

Mozilla Config Settings

The general.config.filename preferencespecifies the filename of the Mission Control configuration file. (For example: firefox.cfg). This file mustbe located in the root of the Mozilla Firefox binary directory (i.e. the samedirectory as firefox-bin on UNIX or firefox.exe on Windows).

The general.config.obscure_value preference specifieshow the configuration file is obscured. Firefox expects that each byte in thefile will be rotated by the specified value. The default value is 13.If this value is left unchanged, then the configuration file must be encoded as ROT13. Autoconfig will fail ifthe cfg file is not encoded as specified by this preference. A value of 0indicates that the file is unencoded-- i.e. it is unobscuredplain text. It is recommended that you set this value to 0. (This will allowyou to skip the encoding step in part 3.)

Entries in this file are applied in order. If a preference is set multipletimes, the last instance takes precedence. Here are a couple of sample entriesthat can be added to the end of all.js:

3. Create the .cfg File

On startup, Firefox will automatically read administrative settings from the cfgfile. If you wish, you can handle all of Firefox's configurationin this file. However, a more flexible setup is to use this file as a callfile.

When used as a callfile, the .cfg file directsFirefox to load it's configuration from another location,such as a public website. This allows one to centralize configuration acrossmultiple installations. You can retrieve the file using any of the protocolssupported by Firefox. A sample callfile is shown below:

The first line directs Firefox to load the javascript file from the specified address. The second line tells Firefox not to append the user's emailaddress to the request. If you want to dynamically generate the configurationfile for each user, you will likely want to set this preference to true.

If you set the general.config.obscure_value in all.js to any value other than zero, youwill need to encode your finished callfile before placing it in the Firefox binarydirectory. You can use the moz-byteshift.plscript to do so. For example, if you wanted to encode the file firefox.js to firefox.cfg using ROT13,you would use the command:

4. Create the Configuration File

On startup, Firefox will automatically fetch the configuration filefrom the server and execute it. You should place all of your configurationsettings in this file. Here's a short example:

Firefox supports GSSAPI, so you can use additional authentication methodsagainst your mail server, aside from the ones built-into Firefox. For example, you can set up Firefoxfor single sign-on usingKerberos,and use Autoconfig to configure the GSSAPI preferencesfor your environment.

Debugging autoconfig is sometimes tricky. You set the following environement variables to provide some assistance.

These commands will enable logging in the MCD module. Thiswill cause Firefox to note when it reads the autoadmin.js file, and where itreads it from.

The pref API also has a function to help debugging: displayError().This function should popup a message on Firefox startup. Unfortunately it seemsto be broken in the current version of Firefox.

You can check the status of preferences by looking at theabout:config page in Firefox. All of the set preferences are listed,as well as their status.

Note: configuration files must be readable by all users for autoconfig to work.Make sure your file permissions are set properly.

Autoconfig Guides

Mozilla Bugs

• #222973- Documentation needed for Mozilla Autoconfig.

Note

This page applies to the .exe full installer. If you want to run or deploy the MSI package, refer to the instructions on the support web page for it instead; the command-line options documented here won’t work.

Command-line Options¶

The full installer provides a number of options that can be used either from the GUI or from the command line. The following command line options are accepted. The list is valid for Firefox 62 and later. Prior to Firefox 62, only /S and /INI are accepted, and /StartMenuShortcut is not available in INI files, only the plural /StartMenuShortcuts works (even though only one shortcut is created).

The presence of any command-line option implicitly enables silent mode (see the /S option).

Each option must start with a / as shown, - or -- are not supported. Short names for the options are not provided; all names must be spelled out.

For options that accept true or false, =true can be left off to get the same effect. That is, /DesktopShortcut and /DesktopShortcut=true both enable the desktop shortcut.

/S

Silent installation. This option doesn’t open the GUI, instead running the installation in the background using all the default settings. It’s useful as part of a script for configuring a new system, for example.

For backwards compatibility, this option can also be spelled -ms.

/InstallDirectoryPath=[path]

Mozilla Config Url

Absolute path specifying the complete install location. This directory does not need to exist already (but it can).

If InstallDirectoryName is set, then this setting will be ignored.

/InstallDirectoryName=[name]

Name of the installation directory to create within Program Files. For example, if InstallDirectoryName is set to FirefoxRelease, then the installation path will be something like C:ProgramFilesFirefoxRelease. The Program Files path used will be the correct one for the architecture of the application being installed and the locale/configuration of the machine; this setting is mainly useful to keep you from having to worry about those differences.

If this is set, then InstallDirectoryPath will be ignored.

/TaskbarShortcut={true,false}

Set to false to disable pinning a shortcut to the taskbar. true by default. This feature only works on Windows 7 and 8; it isn’t possible to create taskbar pins from the installer on later Windows versions.

/DesktopShortcut={true,false}

Set to false to disable creating a shortcut on the desktop. true by default.

/StartMenuShortcut={true,false}

Set to false to disable creating a Start menu shortcut. true by default.

For backwards compatibility, this option can also be spelled /StartMenuShortcuts (plural), however only one shortcut is ever created in the Start menu per installation.

/MaintenanceService={true,false}

Set to false to disable installing the Mozilla Maintenance Service. This will effectively prevent users from installing Firefox updates if they do not have write permissions to the installation directory. true by default.

/RemoveDistributionDir={true,false}

Set to false to disable removing the distribution directory from an existing installation that’s being paved over. By default this is true and the directory is removed.

/PreventRebootRequired={true,false}

Set to true to keep the installer from taking actions that would require rebooting the machine to complete, normally because files are in use. This should not be needed under normal circumstances because no such actions should be required unless you’re paving over a copy of Firefox that was running while the installer was trying to run, and setting this option in that case may result in an incomplete installation. false by default.

Mozilla Config Generator

/OptionalExtensions={true,false}

Set to false to disable installing any bundled extensions that are present. Normally none of these exist, except in special distributions of Firefox such as the one produced by Mozilla China or by other partner organizations. true by default.

Mozilla Firefox About Config Settings

/RegisterDefaultAgent={true,false}

Set to false to disable creating a recurring scheduled task to run the default browser agent. There are other ways (a policy and a pref) to disable the actions that the agent takes; this option is provided for tightly-controlled environments where even ascheduled task that simply exits immediately is undesirable.

/INI=[absolutepathto.inifile]

Read configuration from an .ini file. All settings should be placed into one section, called [Install], and use the standard INI syntax. All settings are optional; they can be included or left out in any combination. Order does not matter.

The available settings in the .ini file are the same as the command line options, except for /S and /INI (of course). They should be set with the same syntax described above for command line use.

For any option provided both in an .ini file and on the command line, the value found on the command line will be used. This allows command line options to override .ini settings.

Here’s an example of a valid .ini file for use with this option:

Mozilla Configuration Error

/ExtractDir=[directory]

Mozilla Configurator

Extract the application files to the given directory and exit, without actually running the installer. No other options may be supplied along with ExtractDir, and ExtractDir is not available for use in .ini files.