Moving user profile with GPO from local path onto folder redirected user document path
730 views
Skip to first unread message
khchan 3501
Mar 1, 2022, 7:30:34 AM3/1/22
to enter...@mozilla.org
Hey all the experts
Backgroup:
- I'm from a mid size corp environment with majority of users login on roaming profile (AD)
- All the profile (browser saved passwords and bookmarks) are stored inside the local %APPDATA%, we want to remove the roaming profile from AD to free up resources and improve user login onto the PCs
- User's Documents and Desktop folders are redirected onto the server
What I want to achieve:
Setup GPO, to move existing Firefox profile (from %APPDATA%) onto the server storage, like each user's own Documents folder but hidden, so user won't accidentally delete it, then set Firefox to look at that new path permantly
Issues:
So, I have been looking on the net, but I have only found bits and pieces, like manually moving the Firefox profile from %APPDATA% to the new device's local path, GPO to adjust Firefox config but not copying the profile, no variable syntax I can find to point the new path onto the server directory like how Google Chrome can do it, i.e. ${documents}
Therefore, I would like to ask all your experts here if you can provide me with a step by step guide on how I could do it, as I'm quite new to GPO. As I have worked in an investment bank previously that they managed to get this setup on all browsers.
Hope to hear your good news, if this has been done, please give me a link to it, so I can look it up myself.
Really appreciated.
Backgroup:
- I'm from a mid size corp environment with majority of users login on roaming profile (AD)
- All the profile (browser saved passwords and bookmarks) are stored inside the local %APPDATA%, we want to remove the roaming profile from AD to free up resources and improve user login onto the PCs
- User's Documents and Desktop folders are redirected onto the server
What I want to achieve:
Setup GPO, to move existing Firefox profile (from %APPDATA%) onto the server storage, like each user's own Documents folder but hidden, so user won't accidentally delete it, then set Firefox to look at that new path permantly
Issues:
- Once we removed the roaming profile on AD, when user logs in on another PC, all their bookmarks and saved passwords no longer sync across automatically
- There are more than 1000 of PCs and users that we need this changed, which we can't manually copying and pasting the Firefox directory
- We have multiple replicated VMs to store the user data i.e. Desktop and Documents
So, I have been looking on the net, but I have only found bits and pieces, like manually moving the Firefox profile from %APPDATA% to the new device's local path, GPO to adjust Firefox config but not copying the profile, no variable syntax I can find to point the new path onto the server directory like how Google Chrome can do it, i.e. ${documents}
Therefore, I would like to ask all your experts here if you can provide me with a step by step guide on how I could do it, as I'm quite new to GPO. As I have worked in an investment bank previously that they managed to get this setup on all browsers.
Hope to hear your good news, if this has been done, please give me a link to it, so I can look it up myself.
Really appreciated.
Maxime Accadia
Mar 2, 2022, 3:17:00 AM3/2/22
to khchan 3501, enterprise
Hi,
I am also intrested in this topic (older discussion here : https://groups.google.com/a/mozilla.org/g/enterprise/c/gibY1ipRnjw/m/eBMWJMwkBAAJ).
I looked into Chrome and as you pointed out ; there are indeed policies for roaming profiles :
AFAIK there is no way to change the Romaning Profile Location on Firefox. We are currently using local profiles only due to this limitation.
--
Maxime Accadia
Université Grenoble Alpes
De: "khchan 3501" <khcha...@gmail.com>
À: "enterprise" <enter...@mozilla.org>
Envoyé: Mardi 1 Mars 2022 13:30:33
Objet: [Mozilla Enterprise] Moving user profile with GPO from local path onto folder redirected user document path
À: "enterprise" <enter...@mozilla.org>
Envoyé: Mardi 1 Mars 2022 13:30:33
Objet: [Mozilla Enterprise] Moving user profile with GPO from local path onto folder redirected user document path
--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/26ba5c24-ea14-4242-8681-1f5cc6176f60n%40mozilla.org.
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/26ba5c24-ea14-4242-8681-1f5cc6176f60n%40mozilla.org.
Message has been deleted
Maxime Accadia
Mar 8, 2022, 3:44:01 AM3/8/22
to enterprise, khchan 3501, Jim Weill
Firefox Sync is a solution but it relies on an external service and needs an Firefox account ; using a Roaming Profile leverage existing infrastructure (AD).
There is a way to run your own Firefox Sync server though : https://mozilla-services.readthedocs.io/en/latest/howtos/run-sync-1.5.html.
Does anyone here tried to self host Firefox Sync ?
De: "Jim Weill" <moo...@icsi.berkeley.edu>
À: "khchan 3501" <khcha...@gmail.com>
Cc: "enterprise" <enter...@mozilla.org>, "MAXIME ACCADIA" <maxime....@univ-grenoble-alpes.fr>
Envoyé: Vendredi 4 Mars 2022 19:04:07
Objet: Re: [Mozilla Enterprise] Moving user profile with GPO from local path onto folder redirected user document path
À: "khchan 3501" <khcha...@gmail.com>
Cc: "enterprise" <enter...@mozilla.org>, "MAXIME ACCADIA" <maxime....@univ-grenoble-alpes.fr>
Envoyé: Vendredi 4 Mars 2022 19:04:07
Objet: Re: [Mozilla Enterprise] Moving user profile with GPO from local path onto folder redirected user document path
Isn't what you want more like Firefox Sync, which does transfer bookmarks and logins across browser installations? That seems a simpler solution than a GPO, which probably won't affect the local profile.
jim
Hi Maxime,Appreciated for your links, that's exactly what I have been looking at, and exactly what I would like to achieve.I have also been through the FF GPO template, and there are no options to do the same job, so I hope Mozilla can implement the same functionality that Google Chrome is capable of since ages ago.Because I have already had few users complained that their bookmarks and saved passwords were missing, and my colleagues have not backed them up before removing their roaming profiles, sigh...Thanks
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/2c4c2a51-6e68-4a33-a654-0e5b2d4dd797n%40mozilla.org.
Jim Weill
Mar 8, 2022, 11:29:05 AM3/8/22
to khcha...@gmail.com, enter...@mozilla.org, Maxime Accadia
Isn't what you want more like Firefox Sync, which does transfer bookmarks and logins across browser installations? That seems a simpler solution than a GPO, which probably won't affect the local profile.
jim
Hi Maxime,Appreciated for your links, that's exactly what I have been looking at, and exactly what I would like to achieve.I have also been through the FF GPO template, and there are no options to do the same job, so I hope Mozilla can implement the same functionality that Google Chrome is capable of since ages ago.Because I have already had few users complained that their bookmarks and saved passwords were missing, and my colleagues have not backed them up before removing their roaming profiles, sigh...Thanks
On Wednesday, 2 March 2022 at 08:17:00 UTC Maxime Accadia wrote:
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/2c4c2a51-6e68-4a33-a654-0e5b2d4dd797n%40mozilla.org.
Fjoerfoks
Mar 8, 2022, 11:29:05 AM3/8/22
to enterprise
Hi all,
As far as I know, you can put your Firefox-profile anywhere you want. Just put it in the shortcut you are providing to the users by using the parameter -profile,
for example: -profile %APPDATA%\Mozilla\Firefox\Profiles\Firefox, or in your case -profile \\servername\Mozilla\Firefox\Profiles\FirefoxBI. If it doesn't exist, it will be created automatically. If you want certain presets, you can create a ‘standard’ profile and copy this to the desired location before starting Firefox (not recommended). You can also use GPO to control the behavior of Firefox.
It all depends on the systems you are using to control user behavior, AD and workspace mangement.
Wim
Op di 8 mrt. 2022 om 09:43 schreef Maxime Accadia <maxime....@univ-grenoble-alpes.fr>:
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/554642210.12322906.1646729032644.JavaMail.zimbra%40univ-grenoble-alpes.fr.
The Wanderer
Mar 11, 2022, 7:12:29 PM3/11/22
to enter...@mozilla.org
On 2022-03-08 at 04:54, Fjoerfoks wrote:
> Hi all,
>
> As far as I know, you can put your Firefox-profile anywhere you want.
> Just put it in the shortcut you are providing to the users by using
> the parameter -profile, for example: -profile
> %APPDATA%\Mozilla\Firefox\Profiles\Firefox, or in your case -profile
> \\servername\Mozilla\Firefox\Profiles\FirefoxBI. If it doesn't exist,
> it will be created automatically.
What about when Firefox is launched from some other location than that
> Hi all,
>
> As far as I know, you can put your Firefox-profile anywhere you want.
> Just put it in the shortcut you are providing to the users by using
> the parameter -profile, for example: -profile
> %APPDATA%\Mozilla\Firefox\Profiles\Firefox, or in your case -profile
> \\servername\Mozilla\Firefox\Profiles\FirefoxBI. If it doesn't exist,
> it will be created automatically.
shortcut - for example, because of being set as the default for .html
files or for the HTTP protocol? At my workplace, we ran into a similar
issue when we were specifying Chrome behavior via launch-time options,
before we (quite recently) adopted the GPO-based configuration.
I imagine you could probably adjust the Registry entries which control
file associations, so that they likewise include this parameter - but
then you might run up against the arguably-overzealous file-association
protections that Microsoft has built in to Windows, and there might be
other issues to consider as well.
And of course, there's always the possibility that people could launch
Firefox by simply typing 'firefox' into a suitable prompt window - or
even by specifying the full path to the EXE. Either of which would
bypass any and all such pre-added parameters.
As far as I understand, there is simply no way to catch all possible
cases without having Firefox itself handle the redirecting of the
profile-folder location, and Firefox does not appear to support doing
any such thing.
The only way that I'm aware of to store the Firefox profile on a network
server, rather than under %USERNAME%\AppData\Roaming\, is to use
Windows' folder-redirection feature to redirect the entire Roaming
directory to be stored on the server. We do that in my workplace, or we
used to, and while there were some hiccups and some teething troubles
with getting it working I think it mostly worked pretty well.
--
The Wanderer
The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw
Maxime Accadia
Mar 15, 2022, 5:58:50 AM3/15/22
to enterprise
Hi,
I have filed a feature request : https://bugzilla.mozilla.org/show_bug.cgi?id=1759673.
Feel free to add comments.
Regards,
--
Maxime Accadia
Université Grenoble Aples
De: "The Wanderer" <wand...@fastmail.fm>
À: "enterprise" <enter...@mozilla.org>
Envoyé: Samedi 12 Mars 2022 01:12:14
À: "enterprise" <enter...@mozilla.org>
Envoyé: Samedi 12 Mars 2022 01:12:14
Objet: Re: [Mozilla Enterprise] Moving user profile with GPO from local path onto folder redirected user document path
--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/622BE55E.6080103%40fastmail.fm.
Sebastian
Mar 29, 2024, 6:59:33 AMMar 29
to enter...@mozilla.org, The Wanderer
Welcome,
I am currently implementing the redirection of the appdata folder.
From what you wrote you were able to do it, but had some problems with appdata\Firefix.
We are currently having issues with conflicts and errors when syncing the Firefox profile. Have you had similar problems?
I am currently implementing the redirection of the appdata folder.
From what you wrote you were able to do it, but had some problems with appdata\Firefix.
We are currently having issues with conflicts and errors when syncing the Firefox profile. Have you had similar problems?
Florent Lagoda
Mar 29, 2024, 7:10:15 AMMar 29
to Sebastian, enter...@mozilla.org
Firefox Sync is better suitable for this.
For the past we use this kind of redirection and Firefox very slow and same problem of sync.
But a good feature one day maybe Firefox Sync special for enterprise, linked with AD users
For the past we use this kind of redirection and Firefox very slow and same problem of sync.
But a good feature one day maybe Firefox Sync special for enterprise, linked with AD users
--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/c3d29430-0397-463d-aa48-0bf9ef274e40n%40mozilla.org.
Message has been deleted
Paul Kosinski
Mar 29, 2024, 11:23:01 AMMar 29
to enter...@mozilla.org, Florent Lagoda
On Fri, 29 Mar 2024 12:10:03 +0100
Florent Lagoda <florent...@univ-rennes2.fr> wrote:
> Firefox Sync is better suitable for this.
> For the past we use this kind of redirection and Firefox very slow and
> same problem of sync.
> But a good feature one day maybe Firefox Sync special for enterprise,
> linked with AD users
Doesn't Firefox Sync currently store the information in the "Cloud"? I would think that some organizations would not want this, as it is a bit of a security exposure.
Florent Lagoda <florent...@univ-rennes2.fr> wrote:
> Firefox Sync is better suitable for this.
> For the past we use this kind of redirection and Firefox very slow and
> same problem of sync.
> But a good feature one day maybe Firefox Sync special for enterprise,
> linked with AD users
Chris Puttick
Mar 29, 2024, 12:35:02 PMMar 29
to enterprise
I'd imagine no reason why the sync server URL couldn't be a config setting (may already be?), so would just need either some sort of API doc to create the org's sync service or Mozilla provide the code for the existing one for private installs.
--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/20240329112252.63355887%40ime1.iment.local.
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
Reply all
Reply to author
Forward
0 new messages