Remove Wireless Network (SSID)

I am attempting to remove our guest wireless network (SSID) using WPA2 personal from all machines in my environment. I have scoured through JAMF Nation, in search of posts looking to achieve the same. I was able to find a handful of useful discussions but none were fully applicable to my current requirement.

Some posts had suggested achieving this in a configuration profile and supplying a bogus password so the machine is never able to connect to the network. I would like to remove the guest wireless network from all machines rather than fully implementing an all out ban from ever connecting to it again. In short, I'd like to accomplish the following:

Create a smart computer group which inventories all machines with the guest network SSID. That is, all machines that have the guest network saved as a preferred network.

Remove the SSID from all machines in this smart computer group.

Please let me know what your thoughts are and if this is best approached with an extension attribute and/or script. Thanks!

Page 3 / 3

I’ve been using my script (posted above) to prune the list of remembered SSIDS in Ventura with no problems. The core commands should still work.

TY. Rereading this post and I'm thinking it's my fault. Really appreciate your reply.

@sepiemoini If you want to only scope the SSID removal to a Smart Group, then I suggest splitting the script up into 2 discrete scripts.
One would be the EA script, so its capturing the list of saved wireless entries:

#!/bin/sh



##Get the wireless port ID

WirelessPort=$(networksetup -listallhardwareports | awk '/Wi-Fi|AirPort/{getline; print $NF}')



##Collect new preferred wireless network inventory and send back to the JSS

PreferredNetworks=$(networksetup -listpreferredwirelessnetworks "$WirelessPort" | sed 's/^   //g')



echo "<result>$PreferredNetworks</result>"

Then create a Smart Group that would use a "Like" operator to gather any machines that have the specified SSID for removal in their results.
Create a policy that runs the following separate script on it:

#!/bin/sh



##Get the wireless port ID

WirelessPort=$(networksetup -listallhardwareports | awk '/Wi-Fi|AirPort/{getline; print $NF}')



##Run a SSID removal if its present

networksetup -removepreferredwirelessnetwork $WirelessPort <WirelessSSID> 2>/dev/null

And use the Smart Group you created before as its scope. Have it run on whatever frequency you want. Important to remember to gather new inventory after it all runs, so hopefully the preferred wireless list will no longer contain the offending SSID and the Mac will fall out of the Smart Group.

Hi is it possible for an SSID not to show even in my wifi list ?

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded