Enable NTLM SSO in Firefox via Group Policy
Start with the Enterprise deployment article.
First write the following to \Program Files\Mozilla Firefox\defaults\prefs\autoconfig.js
:
pref("general.config.filename", "mozilla.cfg.js");
pref("general.config.obscure_value", 0);
Then put your actual settings in \Program Files\Mozilla Firefox\mozilla.cfg.js
:
// the first line must be a comment
pref("network.negotiate-auth.trusted-uris", "domain.test");
pref("network.automatic-ntlm-auth.trusted-uris", "domain.test");
In the second file you can use defaultPref(key, value)
, clearPref(key)
, pref(key, value)
, or lockPref(key, value)
; the last three will override user settings.
It's possible to make Firefox download the configuration over HTTPS, but this doesn't give many advantages over plain Group Policy; it can be useful though where AD is not available:
lockPref("autoadmin.global_config_url", "https://example.com/firefox/lockdown.js");
The 3rd-level .js file works the same way as the 2nd-level one.
Related videos on Youtube
user2284685
Updated on September 18, 2022Comments
-
user2284685 almost 2 years
I would like to enable NTLM for a specific intranet site. For that I need to configure the following parameter:
network.automatic-ntlm-auth.trusted-uris
to addx.xyz.com
How can I achieve this via group policy for Firefox Users?
I've come across this script (below) but unsure if this is the best solution
https://www.felixrr.pro/wp-content/uploads/2012/05/FirefoxSSO.txt
-
Corey Ogburn over 7 yearsTo be picky, the path should be
\Program Files\Mozilla Firefox\defaults\pref\autoconfig.js
. Specificallyprefs
should bepref
-
eel ghEEz about 7 yearsQuoting "Integrated Authentication" in MDN developer.mozilla.org/en-US/docs/Mozilla/… , "site-list is a comma-separated list of URL prefixes or domains of the form: site-list = "mydomain.com, myotherdomain.com". Wildcards did not work for me but domains without schemas did.