Jamf Nation Community

I just started using it yesterday from the new resource kit and it working for me. I am joining a WPA2 network

this looks like the thing. One question though... I want to make sure I am parsing this correctly.

usd500_wpa is the SSID of the network your joining correct?

I wrote it out as: /usr/sbin/networksetup -addpreferredwirelessnetworkatindex Airport TA_Faculty 0 WPA2 mypassword

thanks for the help :-)

the really odd thing is it looks like the resource kit script should work.... I wonder if adding the script to my configuration at time of imaging is the wrong approach.

............................................................
My life has no purpose, no direction, no aim, no meaning, and yet I'm happy. I can't figure it out. What am I doing right? --Charles M. Schulz (1922 - 2000)

Eric Young
eyoung at thayer.org

here's a pro tip. a wireless network has to actually be there for a script joining a machine to it to work.

Through a series of miscues with a vendor I was doing my re-imaging in a building that had not gone live yet :-

/////////////////////////////////////
Conscience is the inner voice which warns us that someone may be looking.
- H.L. Mencken

Eric Young
eyoung at thayer.org

Yeah it is, the SSID. I literally copy/pasted it from my script and changed the password only

Hi all,
Is there a way to add your 80211x profile info user name into this script? I currently have an exported config file (.networkconnect) from 10.6 with all the right settings for 80211x saved but it requires you to click on a few buttons to install properly. I had made an automator script to make it happen relatively easily by clicking and waiting for it to join then quit and throw itself away but I can't find an easy way to make it run during the imaging process.

Gabe Shackney
Instructional Technology Specialist
Princeton Regional Schools

Not sure if this will help you, but the method I used is outlined in this post:

https://jamfnation.jamfsoftware.com/discussion.html?id=2208

With that method once you login, or turn on wi-fi, you are prompted to enter your credentials. Not sure if that's what you are looking for or not.

Steve

I filed a bunch of bugs (and burned one of our engineering incidents) with Apple regarding regressions in 802.1x support in 10.6 that were not fixed until 10.7.

Be very careful esp. with Login Profiles.

What I ended up doing for 10.6 is effectively adding a user to AD whose only permission/right is authenticating to the 8021x network.

I created a System Profile with this user and exported that from the GUI including the cert. when prompted.

Then I copy that to the machine at imaging time and I have a script that merely does this...

networksetup -import8021xProfiles Airport "/Airport.networkConnect" && rm "/Airport.networkConnect"

For deployment to a machine that is already on a non 8021x SSID I came up with this. I would make some changes to it now that I have learned a bit more about scripting but it worked. ;)

#!/bin/bash

# I found a better way to do this with importing and exporting network settings in 10.6


# Set variable to the interface that 'AirPort' lives on
INTERFACE=`networksetup -listallhardwareports | grep -A 1 AirPort | grep Device | awk {'print $2'}`

# Turn AirPort card on if off
while [ `networksetup -getairportpower $INTERFACE | awk {'print $4'}` = "Off" ]; do
    networksetup -setairportpower $INTERFACE on
    sleep 5
done

NETWORK=`networksetup -getairportnetwork $INTERFACE | awk {'print $4'}`
ADDRESS=`ipconfig getifaddr $INTERFACE`

if [ -a /AirPort.networkConnect ]; then # Look for config file
    CONFIG_FILE=/AirPort.networkConnect
else
    echo -e "/Airport.networkConnect was not found"
    if [ "$NETWORK" = "GBHSD" ]; then   # Check if 802.1x is already setup
        if [ `echo "$ADDRESS"| grep -c 169.254.` -eq 0 ]; then
            if [ `echo "$ADDRESS"| grep -c failed` -eq 0 ]; then
                echo "802.1x looks like it is setup!"
                exit 0
            fi
        fi
    fi
    jamf policy -trigger 8021x
    sleep 10
    if [ -a /AirPort.networkConnect ]; then
        CONFIG_FILE=/AirPort.networkConnect
    else 
        echo "The config file did not come down from Casper in 10 seconds or less!"
        exit 3
    fi
fi

networksetup -removeallpreferredwirelessnetworks $INTERFACE

networksetup -import8021xProfiles AirPort $CONFIG_FILE

networksetup -setairportnetwork $INTERFACE GBHSD

rm "$CONFIG_FILE"

/usr/bin/osascript << EOF
tell application "Finder"
        activate
        display dialog "We have just set up a new wireless network for increased security. Please logout and login again at your earliest convenience to take advantage of this new service." & return & "x4555" buttons {"OK"} with icon caution
end tell
EOF

exit 0

EDIT: minor changes ---

replace all `` Command Substitutions with $()
make all variables lower case
fix the big pipeline for assigning $interface at beginning
switch from [ to [[ to clean up some then unneeded quoting