Is the common use of 'Add-ons' (on Firefox) recommended for terminal server installs?

I don't have documentation or anything authoritative here, but in general I would approach the topic of FF add-ons with some measure of caution where a terminal server is concerned. They will be going from the environment they were primarily designed for (single home user on a single PC) to one that is probably completely alien to them (multiple simultaneous users on a server OS). Depending on how the add-on was originally designed, they may or may not play nice in such an environment.

One approach might be to fire up filemon/regmon/whatever and then install/configure/run the add-on in a test environment. Keep a very close eye on what it does and how it does it. Only if you're satisfied that it keeps within the bounds of the currently logged on user, should you then provisionally OK it.

I would also advise the users that a TS is a shared service, and as such it is possible for the actions of one user to compromise or otherwise affect availability of some or all of the services on it for some or all of the other users. (A specific relevant example would be an FF add-on that leaks memory over time - it might be small enough to not even get noticed on a single user PC that's rebooted regularly, but on a ~100 user TS that's being used constantly it will build up quite fast indeed. Similarly one that doesn't leak but does have high RAM requirements would be mostly fine on a PC, but multiply that RAM requirement by 100 and what have you got? Big ouchies.) As a consequence, anything that you do green-light is subject to be withdrawn again at minimal notice.

If you are running Firefox on a terminal server I believe it is important to use something like firefoxadm to prevent users from installing extensions.

After you have properly tested an extension and you are sure that the extension is safe, I would suggest you use the -install-global-extension method to install the plugin system wide.

Why are people using firefox or any browser from a terminal server? Unless it's to get to some sort of intranet there isn't really a reason to hit a TS to surf the web. So to my mind the biggest No-No is using a browser in a terminal session. After all if they can hit the terminal server from somewhere presumably they can hit the internet directly as well. Given the plugins desired it seems like people are doing general websurfing from a session on a terminal server. I just don't see the need for that at all. Maybe I'm missing the point, but it seems like a waste of centralized resources when any workstation could be used instead.

That said if the plugin is useful for some sort of internal intranet thing that everyone needs well then I'd say test it extensively. If it doesn't have any sort of negative effect, or data sharing issues then have an admin install it for all users. Benchmarking the memory usage of Firefox before and after the installation of each plugin, and over extended session usage would be a good place to start. I would not be at all comfortable with having users have the ability to install their own.

I do not see a problem with installing addons for users.

We use a TS in our company (a shared server for both all users, both clerical and sw development), which includes Firefox, and have not had any issues so far.

Note that FF can install addons locally (for one user), or globally (for all). Local installs can be done by individual users, and should affect only them, so should not be a concern.

Global installs will obviously affect everyone, but make rolling out addons to everyone easier.

So my recommendation:

• If some users are asking for certain addons, just tell them to install them themselves via the Tools/Addons (that will be a local installation). If you are worried about problems, tell them that only certain addons are supported.
• If you want to install addons for everyone, install them globally. That way you can easily remove/update them later.

See this MozillaZine article for details: http://kb.mozillazine.org/Installing_extensions