Deploying Firefox has never been very difficult
Firefox Setup 31.0esr.exe -ms would do the trick.
However, when you want to install a customized version of Firefox, things can get a little bit more difficult.
It just takes a couple of minutes browsing the internet in order to find various sources explaining which files to edit in order to change this or that setting.
As new versions get released, the information you find might be obsolete for the version you are trying to deploy.
A major change was introduced in Firefox 21, which now uses different paths for the configuration files:
defaults/preferences -> browser/defaults/preferences
defaults/profile -> browser/defaults/profile
extensions -> browser/extensions
searchplugins -> browser/searchplugins
plugins -> browser/plugins
(see Link for source)
This basically means that guidelines previous to may 2013 are now potentially wrong if not updated.
So, how do I customize Firefox ?
One side note here. There are basically two ESR packages available. One from Mozilla, one, repackaged as an MSI from FrontMotion (they also created an add-on that allows to use GPOs for management).
I use here the default Mozilla package, but used FrontMotion’s Msi and Adminstudio in the past for different customers and the principle is the same at the end…
1. Extract the files from the installer. (I used 7zip to do so)
This file contains settings linked to the installation itself.
Create the file and put it at the root, at the same level as the setup.exe and the Core folder
The settings are self explanatory, this is where you can disable installation of the Maintenance Service.
This file forces Filezilla to look for configuration settings in the Mozilla.cfg file.
Create the file and put it under core\browser\defaults\preferences (create missing folders if they do not exist)
This is the main config file.
Here you define your proxy settings, autoupdate options, etc.
Basically the settings that you can define here are a little bit like Policies and Preferences in Group Policies.
lockPref(“toolkit.telemetry.enabled”, false); will disable the telemetry, without letting the user change it back.
pref(“browser.startup.homepage”,”http://www.google.com/”); will set the default, allowing the user to change it.
All settings are visible if you type About:config in the browser url window (this is also how you can check what settings have been set by your custom file).
Create the file and put it directly in the core folder
This is where you can disable crash reporter and Profile Migrator (at first launch)
Create the file and put it under Core/Browser folder
* Note that version 31.4 does not seem to support the Crash Reporter Override file anymore, but this can be set via the registry.
One last thing I did was customize the default Certificate Trust Authorities list to add our Proxy Certificate.
In order to do this, create a new Firefox profile (by connecting with a new user or cleaning your appdata firefox files).
Import the certificates that you need. Do not forget to set the Trust level (see below, for an internal proxy, only check “This certificate can Identify websites.”)
The changes will be stored into the cert8.db file under the user profile (C:\Users\%username%\AppData\Roaming\Mozilla\Firefox\Profiles\mozillaprofileID.default
Copy the file in the Core/browser/defaults/profile folder and it will be used as default for all subsequent profile creations.
7. Deploy the application with the path to the INI file
The path to the configuration.ini file must be a full path, not relative.
In order to do so I choose to create a batch file that uses the %~dp0 variable.
One advantage of this way of working is that you don’t need to install Firefox, then copy files to different directories: customized files are used directly. Also, you don’t have to uninstall the Maintenance Service, as it’s simply not installed at all.
Nothing more ? CCK2 to the rescue
For configuring those settings and more, you can also use the tool from Mike Kaply, CCK2. http://mike.kaply.com/
The site is also a very good source of information about the new features of Firefox.
The tool is an Add-On to Firefox that allows you to fully configure Firefox and deploy the resulting config as an extension or an Autoconfig file.
The simple feature to be able to import and integrate certificates into your deployment is worth the download. If you need to go beyond basic config, this is the tool that you need. The tool itself is free, and you can buy support if your company does not like unsupported free tools.