Link to home
Start Free TrialLog in
Avatar of bereanbs
bereanbsFlag for United States of America

asked on

Pushing FireFox Browser Proxy Setting with ZenWorks

I need to be able to push a change to the FireFox browser proxy setting using ZenWorks. The setting is in a file called user.js, which FireFox reads and adds to prefs.js when FireFox starts. I can create the user.js file, but it needs to be copied to
C:\Documents and Settings\username\Application Data\Mozilla\Firefox\Profiles\xxxxxxxx.default , where "xxxxxxxx" appears to be a random series of characters chosen by FireFox when the FireFox profile is created (the one for my profile is "yo1j350j.default"). This is where I am having the problem.

Ok, I know that I can use %Appdata% to point to the user's application data directory. However, how do I address the "xxxxxxxx.default directory when it is different for each user? Is there some way to create a custom macro in ZenWorks that the Application Launcher can use?

We have a series of workstation changes that need to be rolled out to multiple locations - and this is the only one that I am having trouble automating. Any help would be appreciated!

Thanks,
Ted
Avatar of ShineOn
ShineOn
Flag of United States of America image

You could probably use a scripting language like AutoIt3 (see, billmercer, I remembered...) to create an executable that would enumerate the firefox profiles directory to find the actual name of the xxxxxxx.default directory and copy the user.js file to that directory.

I'm not aware of a capability in Zen to enumerate a directory to find directory names, parse the names found to create variable values, and use those variables to specify the target path.  I could be wrong.
Since I already own WinBatch +Compiler, I'd write the script executable in that.  I'm told that AutoIt3 has many of the same capabilities, including a compiler, and is free.
Avatar of billmercer
billmercer

"I'm not aware of a capability in Zen to enumerate a directory to find directory names, parse the names found to create variable values, and use those variables to specify the target path.  I could be wrong."
There might be some way to kludge this with just ZenWorks, but it's very easy to do with AutoIt 3.
Here's an example.
;===========================================
; AutoIt Version: 3.1.1
; Language:       English
; Platform:       WinXP
; Author:         Bill Mercer
;
; Script Function: deploy a user.js file to all profiles in current user's application data folder.
; compile to exe and deploy through zen, or even through login script if you want.
; Intended as proof of concept only. Use at your own risk.
; ===================================
; initialize stuff
$sourcepath = "C:\user.js"   ; Path to the file you want to deploy
$CowsComeHome = 0            ; loop variable

; grab a handle for all files matching the wildcard pattern (should only be directories)
$filehandle = FileFindFirstFile( @AppDataDir & "\Mozilla\Profiles\default\*.slt") ; This is how it is on my system

do
  $filename = FileFindNextFile ($filehandle) ; get the next directory that matches the wildcard
  if @error = 1 then exitloop                ; @error status of 1 = no more matches found, so exit loop
  $fullpath = @AppDataDir & "\Mozilla\Profiles\default\" & $filename  ; compute full path to this profile folder
  FileCopy($sourcepath, $fullpath )          ; copy the user.js to the current profile folder
 
until $CowsComeHome    ; Keep going until no more *.slt folders found

I looked and I looked and I see no scripting logic within ZEN itself.  It would have to be done with some sort of a script or program that would enumerate the directories, just like billmercer's AutoIt script (or WinBatch, or probably VBA/WSH).

WinBatch has constructs specifically for directory handling (rather than treating a directory as a file type), so it probably wouldn't be quite the same as the AutoIt script above, but would be at least as easy to do.
Way cool, Dark_King.  Anything with an ADM can be managed with ZEN.  Too bad the Sourceforge project doesn't mention that - it only mentions AD.
You can import ADM from ZenGP (Gpedit), remeber to set Gpedit to show not suported policy
Kewl!
I found this file http://mikeducharme.myknet.org/zenworks/firefox/

If you look inside zip for README.TXT you found this
"zENworks Distribution of Firefox with Locked Configuration and Extensions"
http://www.novell.com/coolsolutions/tools/14812.html


I have now tested this fire fox in our Network.

I did this to get profile to work, and I think all this is also possibly to do
from NAL.

H: is my students’ home folder.


1: I install FireFox to Network program share. (“g:\webb\firefox” in my example)

2: I copy “%APPDATA%\Mozilla\FireFox” to a new map under this
Network program share and call it “ParkProf”
And a copy also this firefox.lnk (shortcut to FF) to share folder.

3: I made a .bat file like this.

***********Script START**********
IF exist h:\firefox\chrome\userChrome.css GOTO Run
md h:\firefox
xcopy /s /e g:\webb\firefox\ParkProf\* h:\firefox

:Run
regedit /s g:\webb\firefox\java150.reg
IF exist h:\desktop\firefox.lnk GOTO OSCheck
copy g:\webb\firefox\firefox.lnk h:\desktop

:OSCheck
IF not "%OS%"=="Windows_NT" GOTO Win98
IF exist "%APPDATA%\Mozilla\FireFox\profiles.ini" GOTO XPRun
md "%APPDATA%\Mozilla"
md "%APPDATA%\Mozilla\FireFox"
copy g:\webb\firefox\profiles.ini "%APPDATA%\Mozilla\FireFox"

:XPRun
start /b g:\webb\firefox\firefox.exe
GOTO End

:Win98
IF exist "%windir%\Application Data\Mozilla\Firefox\profiles.ini" GOTO 98Run
md "%windir%\Application Data\Mozilla"
md "%windir%\Application Data\Mozilla\Firefox"
copy g:\webb\firefox\profiles.ini "%windir%\Application Data\mozilla\firefox"

:98Run
start g:\webb\firefox\firefox.exe

:End
************Script END***********

I modify “profiles.ini” in Network program share like this

***** profiles.ini START*****
[General]
StartWithLastProfile=0

[Profile0]
Name=ParkProf
IsRelative=0
Path=h:\Firefox
Default=1
***** profiles.ini END*****

To get the JAVA working a made this reg file.

*****java150.reg START****
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\1.5.0]
"JavaHome"="G:\\java\\java150"
"UseJava2IExplorer"=dword:00000000
"HideSystemTrayIcon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment]
"CurrentVersion"="1.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.5]
"JavaHome"="G:\\java\\java150"
"RuntimeLib"="G:\\java\\java150\\bin\\client\\jvm.dll"
"MicroVersion"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0]
"JavaHome"="G:\\java\\java150"
"MicroVersion"="0"
"RuntimeLib"="G:\\java\\java150\\bin\\client\\jvm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update]

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy]
"EnableJavaUpdate"=dword:00000000
"EnableAutoUpdateCheck"=dword:00000000
"NotifyDownload"=dword:00000001
"NotifyInstall"=dword:00000001
"Frequency"=dword:010f0000
"UpdateSchedule"=dword:00000009
"LastUpdateBeginTime"=""
"LastUpdateFinishTime"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start]
"CurrentVersion"="1.5.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.0.1]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.0.1_02]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.0.1_03]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.0.1_04]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.2]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.2.0_01]
"Home"="G:\\java\\java150\\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.5.0]
"Home"="G:\\java\\java150\\bin"
*****java150.reg END****


User only runs this .bat file to start FireFox and it work.
Now I only need to update this one FireFox map to upgrade it.

I while look into secure setting of FireFox next time, the holyday is closing on me.
Forget one thing.

In my profile folder “ParkProf” under my program share I change a prefs.js setting.

user_pref("browser.bookmarks.file", "h:\\ffox_bookmarks.html");
To set users own bookmark setting.

You also have homepage and cache dir to change in there.
You can use profiles.ini to set same name on all computer for ProfileName

From Zen you can use NAL to change profiles.ini to have same name on all computer for ProfileName.
And set NAL to change folder name for that profile, then you can change files.

I have now try my exemple with FireFox on readonly share in network with 200 user at same time
and I think this is the best way to have Firefox, I remeber the OLD Netscape days it was super nice PG for network.

My first gole is runing apps from network and last runing lockal.
I think that's the answer, bereanbs.  Change how Firefox behaves, to make it easier to manage centrally.  Great job, Dark_King.

I guess the only drawback would be loss of any security that might be afforded by having the profile directory apparently randomly named.  However, that might be alleviated somewhat if it were possible to redirect the profile directory to a read-only network-housed directory, which would also make Firefox fail if you're not logged in.  
And now the security settings.

Let's say you are the administrator of one or more installations of Mozilla Firefox and you want
to lock certain settings/options, so users cannot edit them. For instance you may want to
prevent people from changing the proxy setting, the homepage, the ability to save passwords,
etc.

It is possible, but it's a little complicated.

First you need to find out what the names are of the preferences you wish to lock. The best
way to do this is by entering about:config in the Firefox location bar. Every preference that
has been used will appear in the resulting list. You can use the filter field to search for
preferences that contain certain words. For instance, if you're looking for the homepage URL
setting, just type homepage in the filter field. For more info on preference names, and
about:config see:

Next, create a file anywhere on your hard drive, called mozilla.txt. Open mozilla.txt in a text
editor (Notepad), and begin the first line with two forward slashes. The following lines will
contain the preferences you want to lock, and their values. They should be in the same form as
you see them in your profile's prefs.js file, with one exception: instead of using user_pref, use
lockPref. For instance, if you want to lock the proxy at "direct connection", and lock the
homepage at http://ilias.ca, the contents of your mozilla.txt file would look like this:
//
lockPref("network.proxy.type", 0);
lockPref("browser.startup.homepage", "http://ilias.ca/");

Here's where it gets tricky. The file must be encoded, and renamed. The encoding is a simple
"byte-shifting" with an offset of 13. You can download a program that will do this here
http://home.comcast.net/%7Edabbink/dabbink/ByteShifter.htm

The resulting file should be named mozilla.cfg. Save that in the same directory as firefox.exe.

Last step: In C:\Program Files\Mozilla Firefox\greprefs\ there's a file called all.js. Open all.js in a
text editor, and add the following line at the end of it:
pref("general.config.filename", "mozilla.cfg");

Save, close, and start Firefox to test it.
ASKER CERTIFIED SOLUTION
Avatar of Dark_King
Dark_King

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of bereanbs

ASKER

Thank you for your help on this!  As it turns out, we've been moving forward with the changes manually.  With the exception of FireFox all of our workstation changes have been accomplished "automagically" with ZenWorks.  As we have completed the majority of sites at this time, with two more slated for tonight and one tomorrow night, I'm just going to have our onsite techs complete the FireFox proxy change.  However, this is likely to come in handy down the road, so I'll just file it away and pull it out when that time comes!

Thanks again!

Ted
Thanks.