Skip to main content

I have just upgraded a clients casper to 8.7. Now none of the Macs will join the wireless.



We have system 802.11 Profile. Profile is populated with a default wireless account details, certificate and proxy.



I have tried to recreate the profile with a new version, but fails to deploy with error "Profile missing information". Created the profile with IPCU and works fine on a unmanaged machine. As soon as I install the profile on a managed machine I get the same error from the command line.



I have also tried enrolling machine in they're testing casper server which is still 8.64 and profiles work fine.



Anyone else seen this? Also is it possible to role back the JSS server?

Try pushing blank profile (I mean profile without any payloads). See this works.
If it doesn't then refresh the self signed TomCat Cert (I presume you are using this method)



Rolling back JSS is not recommended do not do it.

What security settings are you using for Wireless? TLS? Are you using a machine certificate for wireless obtained through Active Directory?

Cem, I have tried all those. Even with a manually created IPCU wireless profile it works fine, until I enroll the device. As soon as the mdm profile arrives the wireless stops working. However the same process on 8.64 and all still works.



Colonelpanic, We are using peap with a wildcard Cert.

Gotcha, no problem with profile reaching deployment then...
Perhaps the variable handling may have changed. Is there any variables you are using within profile's Wi-Fi payload (ie Username $COMPUTERNAME etc...)?
Another thing to look at is the certificates. Make sure you can see them in the Keychain.
Also check your RADIUS logs and local Mac logs to identify why the Authentication is failing.



BTW we are still using 8.64 so I didn't have a chance to test the 8.7 as yet.

I am glad I ran across this thread before I updated to 8.7. I spoke to JAMF and they are aware of this defect.
"Deploying 802.1x Wifi Configuration Profiles D-003930"

Cheers Andy for speaking with JAMF.



Being in Australia its always hard to log stuff and speak with JAMF. Time Zones and all that

thanks AndyBeaver... I will hold on to 8.64 till Casper9 I think :)

Is this fixed in 8.71 or 9.0 as we are on 8.7 and Im not sure if i have the same issue but my IPCU profile with customised XML to add in 



<key>SetupModes</key>

            <array>

                <string>System</string>

                <string>Loginwindow</string>

            </array>


Works fine but when I import it to casper 8.7 It strips the System bit out, My ACS Auth goes



Machine is in AD so auths and drops into one subnet,
User then can login at login window and if the user is a staff member the machine changes into another subnet, Student into another



The reason we do the machine first is beause BYOD, If you a
AD Joined machine with no user Subnet A
Staff + AD joined machine you get Subnet B
Student + AD joined machine you get Subnet C
Staff and students on their own machine Subnet D



The ACS is configured so that if your coming from a machine auth you get treated differently to a cold user join to the SSID

Terms & ConditionsCookie settings