Skip to main content
Question

Re-installing a 802.1x configuration profile

  • March 24, 2017
  • 6 replies
  • 31 views
Y
Forum|alt.badge.img+5

Hello,

I am looking for help on re-installing a single wifi config profile using bash. This is what I have currently. It works fine but at the beginning I get this prompt, "Enter the profile removal password:". I just press 'Enter' since there is no password. Anyway of bypassing this or a way to script in the 'Enter' key ('expect' command possibly?) Ive tried re-installing the config profile by profile identifier and from the profile file. Same outcome. =/

#!/bin/bash

WIFI_PROFILES=$(sudo /usr/bin/profiles -P | grep -c 'WiFiv4')
GMID=$(sudo /usr/bin/profiles -Lv | awk '/attribute: name: / && /WiFiv4/,/attribute: profileIdentifier:/' | awk '/attribute: profileIdentifier:/ {print $4}')

if [[ $WIFI_PROFILES == "1" ]]; then
sudo profiles -R -p $GMID
sudo profiles -I -F /Library/Security/configuration_profiles/WiFiv4.mobileconfig
fi

6 replies

A
Forum|alt.badge.img+18
  • alexjdale
  • Contributor
  • March 24, 2017

Does the profile have a null password entry? Is " PayloadRemovalDisallowed" set to true? I can't think of any reason why it would need a password. You could try passing it "" as a password with the -z option.

mm2270
Forum|alt.badge.img+24
  • mm2270
  • Legendary Contributor
  • March 24, 2017

Yeah, like @alexjdale mentioned, unless there is a password for removal set or some other key in the config, it really shouldn't prompt for a password. I assume the script is being run as root or with sudo privs, right?
How was the profile installed by the way? From a script using a local .mobileconfig file, or was it pushed over MDM?

Y
Forum|alt.badge.img+5
  • yurypanasyuk
  • Author
  • Contributor
  • March 24, 2017

Im not an admin for JSS but im pretty sure the profiles are installed during our provisioning process. Installed from a folder not pushed over MDM. And yes running with sudo.

Still getting an error.

"profiles uninstall for identifier:'-z' and user:'root' returned -205 (Unable to locate configuration profile.)"

Command i changed: sudo /usr/bin/profiles -R -p -z "" $GMID

If i remove the -z flag then it prompts me for the password. Strange. =/

A
Forum|alt.badge.img+18
  • alexjdale
  • Contributor
  • March 24, 2017

You would need to put the -p right before the $GMID, you put the -z flag and password entries between them.

Y
Forum|alt.badge.img+5
  • yurypanasyuk
  • Author
  • Contributor
  • March 24, 2017

Still asks for removal password.

Y
Forum|alt.badge.img+5
  • yurypanasyuk
  • Author
  • Contributor
  • March 24, 2017

Figured it out! Instead of just doing double quotes for a blank password i put in random text and it just works! lol Not sure whats up but that does it.

Terms & ConditionsCookie settingsAccessibility statement