Creating Group Policy ADM for Firefox Extension

Active Directory, Firefox, Group Policy, Network, Windows Server No Responses »
Feb 022010

At the school that I work for we have been using the Group Policy enabled version of Mozilla Forefox from FrontMotion for some time now. We have discussed the idea on several occasions whether or not to allow staff to install extensions. I have decided to set an allowed location (locally hosted) in group policy where staff can find approved extensions to install.

However, we still required the ability to control some of the settings within these extensions. I was able to achieve this by creating Group Policy ADM templates for these extensions. The ADM templates are written to control the about:config settings of the extension which can be found by browsing to about:config in Firefox and filtering for the desired extension. The preferences are set at as a MACHINE CLASS (Computer Policy) and are locked preferences. Below is an example and explanation of a couple of settings of an ADM template for the IEView extension (comments in red): [Complete ADM example attached at the end of this post]

- Define the CLASS type
CLASS MACHINE

- Set the main category name (folder under Administrative Templates in Group Policy)
CATEGORY “Mozilla Advanced Options for Extensions”

- Set the preferences to be locked preferences
KEYNAME “Software\Policies\Mozilla\lockPref”

- Set the category/extension name (level under main category)
CATEGORY “IEView”

Boolean type preference for the Close Page on Reload setting (On or OFF)

- POLICY = Setting name
POLICY “Close Page on Reload”
- EXPLAIN = Explanation of what the setting does
EXPLAIN “Enables or disables the close page after reload option”
- VALUENAME = about:config Preference Name for the setting
VALUENAME “ieview.closeReloadPage”
- VALUEON = The value for the setting when enabled in Group Policy
VALUEON 1
- VALUEOFF = The value for the setting when disabled in Group Policy
VALUEOFF 0
- END POLICY = Ends the options for the current setting
END POLICY

String type preference for the Filter List setting (string of values)

- POLICY = Setting name
POLICY “Filter List”
- EXPLAIN = Explaination of what the setting does
EXPLAIN “Sets list of sites to always open in IE. Sites are separated by spaces. Use * for wildcard.”
- PART = “list” EDITTEXT, sets the values for the “list” part of the setting and edits the current vales
PART “List” EDITTEXT
- DEFAULT = When the setting is enabled in Group Policy, the DEFAULT string values will automatically be filled in
DEFAULT “file:///* http://*update.microsoft.com/ http://www.windowsupdate.com/”
- VALUENAME = about:config Preference Name for the setting
VALUENAME “ieview.forceielist”
- END PART = Ends the options for the current PART of the setting
END PART
- END POLICY = Ends the options for the current setting
END POLICY

- END CATEGORY = Ends the extension name category
END CATEGORY

- END CATEGORY = Ends the main category
END CATEGORY

IEView_ADM

I hope that made at least a little bit of sense.

Find a complete example here.
Download the RAR file here.

Posted by agreenlees at 10:30 pm Tagged with: , , , , , , , , , , , , , ,

Moodle-Google Intergration

Network, Open Source / Freeware, web 2.0 No Responses »
Dec 022009

The school I work at currently uses Moodle as our chosen LMS for students. Moodle is linked with our School Management system to sync courses, assignments and course enrollments among other things. This greatly assists in minimising administration work, but more on this at another time…

Our school also uses Google Apps Education Edition to provide our students with Email accounts and usage of the other Google Apps services. Google provides a great LDAP sync tool that can easily sync users and groups memberships but lacks a way to sync users passwords (not secure). For this to be possible a Single Sign On (SSO) system must come into the equation. These systems can cost thousands of dollars (depending on user numbers) from 3rd party developers or require a large amount of IT admin time and server resources to perfect a solid solution. I searched long and hard for a suitable tool for this job and tried a number of solutions but none worked well enough for my liking.

At the same time that I was searching for solutions for this issue I was also browsing around for some useful Moodle plugins. This is where I came across the Moodle-Google Intergration plugin that would solve all my issues. The plugin provides a SAML based authentication method to allow users to use their LDAP credentials (LDAP must be configured in Moodle) to log into their Google Apps account. This plugin talks with the SSO feature built into Google Apps via SAML 2.0 post and the use of the generated keys and certificates for security. Users then login to Moodle and from there can access their Google Apps account.

More to come on the configuration of this plugin. Stay tuned…

Narradan

Posted by agreenlees at 10:09 pm Tagged with: , , , , , , , , , , ,
© 2012 AG's Latest! Suffusion WordPress theme by Sayontan Sinha