Sunday, December 8, 2024
Intune

Enable Firefox Windows SSO using Intune

G’day, a short and sweet post on how to enable Windows SSO for Mozilla Firefox using a custom Configuration Profile deployed via Microsoft Intune.

Prerequisites

  • Administrator rights within Intune
  • Test User with licence
  • Mozilla Firefox 91+ installed on test device

Obtain Firefox ADMX

We’ll need to download the latest Mozilla Firefox ADMX templates from here.

Create Custom Configuration Profile

Log into MEMAC portal, go to Devices, Configuration Profiles and then click Create Profile:

Creating the configuration profile to enable SSO within Firefox via Intune.

Now select Windows 10 and later platform, Templates for Profile type and then Custom:

Give your profile an appropriate Name and Description:

On the Configuration settings page, click Add, which will bring up a new OMA-URI settings page, type in the following:

SettingValue
Name Ingest Firefox ADMX
Description Ingests the Firefox ADMX
OMA-URI./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Firefox/Policy/Firefox
Data typeString
Value<Copy and paste in the entire Firefox.admx contents into here, use NotePad++>

It should look something like this (optionally add the version of the ADMX file to the name \ description):

Now Add another OMA-URI to the same profile with the following settings:

SettingValue
Name Windows SSO
Description If this policy is enabled, Firefox will use credentials stored in Windows to sign in to Microsoft, work, and school accounts.If this policy is disabled or not configured, credentials must be entered manually.
OMA-URI./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/WindowsSSO
Data typeString
Value<enabled />

like so:

Now save the profile and deploy it to your test device.

Trust but Verify

On your test device, open Firefox and ensure that the following setting has taken effect:

And try to browse to Office 365 with no need to login (You may need to MFA):

Happy Intuning and SSO’ing!

One thought on “Enable Firefox Windows SSO using Intune

Comments are closed.