Enable Firefox Windows SSO using Intune
G’day, a short and sweet post on how to enable Windows SSO for Mozilla Firefox using a custom Configuration Profile deployed via Microsoft Intune.
Prerequisites
- Administrator rights within Intune
- Test User with licence
- Mozilla Firefox 91+ installed on test device
Obtain Firefox ADMX
We’ll need to download the latest Mozilla Firefox ADMX templates from here.
Create Custom Configuration Profile
Log into MEMAC portal, go to Devices, Configuration Profiles and then click Create Profile:
Now select Windows 10 and later platform, Templates for Profile type and then Custom:
Give your profile an appropriate Name and Description:
On the Configuration settings page, click Add, which will bring up a new OMA-URI settings page, type in the following:
Setting | Value |
---|---|
Name | Ingest Firefox ADMX |
Description | Ingests the Firefox ADMX |
OMA-URI | ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Firefox/Policy/Firefox |
Data type | String |
Value | <Copy and paste in the entire Firefox.admx contents into here, use NotePad++> |
It should look something like this (optionally add the version of the ADMX file to the name \ description):
Now Add another OMA-URI to the same profile with the following settings:
Setting | Value |
---|---|
Name | Windows SSO |
Description | If this policy is enabled, Firefox will use credentials stored in Windows to sign in to Microsoft, work, and school accounts.If this policy is disabled or not configured, credentials must be entered manually. |
OMA-URI | ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/WindowsSSO |
Data type | String |
Value | <enabled /> |
like so:
Now save the profile and deploy it to your test device.
Trust but Verify
On your test device, open Firefox and ensure that the following setting has taken effect:
And try to browse to Office 365 with no need to login (You may need to MFA):
Happy Intuning and SSO’ing!
Pingback: Deploy Firefox Bookmarks using MSIntune - Let's ConfigMgr!