-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 My organization is (still) in the process of preparing to migrate from an older Firefox ESR to the current ESR, and is planning to migrate from 32-bit Firefox to 64-bit Firefox in the process. This latter means that we're hitting the "profile per install" transition which comes along with the install-location change inherent to Windows' install-location handling. (We are not going to override that and install the 64-bit program under the 32-bit path.) We therefore need to tell Firefox to not use profile-per-install, and continue with legacy profiles.
As I understand matters, the policy settings for disabling profile-per-install in favor of legacy profiles do not work when specified in policies.json; they only work when specified via Group Policy or via the launch-time MOZ_LEGACY_PROFILES environment variable. (At least on Windows, I haven't investigated other platforms recently enough to recall.) For reasons which don't bear going into, I would prefer to handle as much policy configuration as possible via policies.json, rather than via Group Policy. I did all of my initial profiles- and policies-related testing with the environment variable, for convenience, and got to a point where things were working fine. I then switched to testing with the Registry entry which corresponds to the Group Policy setting [1], and rather to my surprise, all of the policy settings which I had been configuring through policies.json were suddenly being ignored. After a bit of searching, I found [2], which points out that - as I had just run into - when the Registry key where the Group Policies are to be specified exists, policies.json is ignored. I don't recall seeing that documented anywhere, but it's possible I just missed noticing it. This seems to mean we can't use a combination of these approaches; it's either all policies.json or all Group Policy. Unfortunately, that in turn seems to mean that we have to A: find a way to deploy that environment variable so that it's reliably in effect before the new Firefox version gets launched, B: abandon the use of policies.json entirely in favor of Group Policy, or C: abandon our hopes of retaining our users' existing Firefox profiles. A would be relatively impractical, given the limitations of the various methods (that I know of) for automatically deploying environment-variable settings - most prominently, that none of them seem to take effect before the next Windows logon, so we couldn't just push out the environment variable alongside the Firefox install. The same point would make it equally difficult to revert the setting later on. B would be undesirable for internal reasons, which - as I said - don't bear going into (although I can summarize them if needed). C would be problematic; it's unlikely that the existing Firefox users would be OK with their profiles disappearing from under their feet. Any suggestions for a way out of this tangle? The ideal solution would of course be to dodge around the issue, by avoiding the need for us to disable profile-per-install at all. I have a few possible design arrangements in mind that would probably make that viable, but lack the spoons to push for them in a filed bug unless I could be confident that doing so would bear fruit, and in any case they wouldn't make it into an ESR release in time for me to meet my deployment time-frames. The next best solution would be for the "legacy profiles" policy setting to work when specified via policies.json. However, if doing that were an option, it would clearly have been done that way to begin with; since it wasn't, I mention it only to be comprehensive. The third-best solution would probably be for it to be possible to mix-and-match policies.json with Group Policy configuration. However, given that it wasn't done that way to start out with, I rather doubt that's going to happen at this point - and even if it does happen at some point, the same "probably won't make it into the ESR in time" applies. If anyone can suggest any other solutions, I'd be glad to hear them. [1] HKLM\SOFTWARE\Policies\Mozilla\Firefox\LegacyProfiles REG_DWORD:1 [2] https://community.spiceworks.com/topic/2247157-firefox-ignoring-policies-json-when-registry-path-is-created - -- Andrew J. Buehler -----BEGIN PGP SIGNATURE----- iQJJBAEBCgAzFiEEJCOqsZEc2qVC44pUBKk1jTQoMmsFAmAJ3pAVHHdhbmRlcmVy QGZhc3RtYWlsLmZtAAoJEASpNY00KDJrEhEP/3yZODmmNkAIuYPqBodFsCxGngtb Xv++JhqgctO8WuJ1XBT2j3IsWaTSYbHx05EIo6wSNTQaMJICE7TISh1Cw9xU/YXf lShbyDLj3pLnQhnUg1lmQKkbMN4aCD18w9EwuqKkx9eGwrZ4DYNDpU5HLUjZ+ms+ ICBpTfCTnNbCAsosUuy+lBEhyEageju6a4KDzhgCieTB3slf5bzryaqtQ9hcjW/W 0Vz+wePs1uZEyPEpDYxI0vMtkTJliAGY0Bz1fkcxZ6IXsMPu01eXd55qwfuz8mNM eJWo5a84gsBofdNeN0LwoxF5Af6Fs8cakyheQD25Ejiv98HKGnmZHbFbHDwj0y9h H5Qcud+rLA9EQPbryEOqB658vhzLOtrd/MHILcrmHbD/4rFjeTddErThKk7mGMa6 SoqJulmpjrGrumT+m4TKoiLJaa1kQvGhk5LzAD0bSHbiW/SmZ4XFUrmqnTO7+SlS 1E/N8mh25WNOUH+MrfCzQ3z1LCZBinAHb42z0rfqhkAErSzZS0C9UP0q8SMJ9e0a wMQ1v0idv4J+Sqp7lD/dJZ1GCsBvSU8xh0iDdWDKzL/kDTNaUSzgtlRaqg1OuLMB oTTXxEX2nOsQYZYvbGByr7Qn+/jEh+tlqiRWf+jkGPD4yXa7ytAsu7SxKjM4wmCG dYG1EAi+76/gq6He =6Z4T -----END PGP SIGNATURE----- _______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
