Posted on 08-08-2018 07:10 AM
Hey all,
So in setting up class link, I need to be able to push an extension to all managed computers in Safari, Firefox and Chrome. Chrome we can push it once they log in with their google account, but I'm not finding anything with Safari or Firefox that allows the installation of extensions remotely.
Anyone have any thoughts?
Gabe Shackney
Princeton Public Schools
Posted on 08-08-2018 12:16 PM
Posted on 08-08-2018 12:23 PM
@gshackney @bentoms definitely had/has something written up around Safari extensions and pushing those through Jamf, but if my memory serves me, this is no longer an option after Apple put the kibosh on that with new security restrictions. Safari extz can no longer be packaged up and deployed to clients. They have to come from and be installed from the approved Apple Safari extensions page now.
I can't help you with Firefox add-ons as I really don't use add ons with it.
Posted on 08-08-2018 01:23 PM
Thanks! I kinda figured as much. Since we are going to continue on 10.12.6 for this year I hoped that we could still bypass that security piece. I think I have Firefox worked out for computers getting re imaged, its just trying to push it to staff with existing preferences thats difficult. I guess I will make a self service piece.
Gabe Shackney
Princeton Public Schools
Posted on 01-24-2020 08:42 AM
@gshackney Was a solution ever found for this? Im trying to push a Firefox Extension.
Posted on 01-24-2020 10:01 AM
I bundled it up using composer for new users. Didn’t find a good way to deal with existing users though.
Gabe Shackney
Princeton Public Schools
Posted on 01-24-2020 10:28 AM
You want to install Chrome extensions using Chrome policies: https://cloud.google.com/docs/chrome-enterprise/policies/?policy=ExtensionInstallForcelist
For Firefox, you want to use the distribution directory described here https://support.mozilla.org/en-US/kb/deploying-firefox-with-extensions. Also see https://blog.mozilla.org/addons/2019/10/31/firefox-to-discontinue-sideloaded-extensions/
I gave up on trying with Safari's keychain.
Posted on 01-25-2020 09:13 AM
Yes, I would expect side loading of extensions, without some sort of default setting modification in the browser, to go away due to security risks in all major browsers over the next two years. It's an easy way to insert malware payloads. Also, some vendors are taking advantage of these extension loading loopholes as well:
These sort of abuses are why we can't have nice things.