- Jamf Nation Community
- Products
- Jamf Pro
- Connect to Wifi using Identity via command line
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Connect to Wifi using Identity via command line
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 01:03 PM
Hey JAMF Users,
We use EAP-TLS to connect to our corp wifi network. Im trying to figure out how to connect to it via command line.
MDM Wifi Certs - pushes the SCEP cert to the device to be set as the identity. This command will set the identity security set-identity-preference -c $user -s com.apple.network.eap.user.identity.wlan.ssid.Earth
Now how do I establish the connection using that identity. I've tried:
networksetup -setairportnetwork en0 Earth
But that doesn't work as expected.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 01:12 PM
I did something similar at my last job. I'm not sure if the -c is good for you, but in my case I used something like:
# Find installed certificates with the smime (digital signature) flag
cert=`security find-identity -p smime | sed '/Policy/,/Valid identities only/ d' | cut -d " " -f 4`
# Set the identity preference for the Earth wifi network:
echo "Setting identity preference for Earth"
security set-identity-preference -s com.apple.network.eap.user.identity.wlan.ssid.Earth -Z $certOptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 02:11 PM
That will set the identity, but how do you do the acutal connection. Like if you went to the GUI click Earth. Click EAP-TLS select the identity. and click connect. But through command line. Or maybe Im just not understanding lol
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 03:53 PM
Oh sorry, I just power cycled the Wi-Fi interface.
wifi=`networksetup -listallhardwareports | awk '/Hardware Port: Wi-Fi/,/Ethernet/' | awk 'NR==2' | cut -d " " -f 2`
networksetup -setairportpower $wifi off
networksetup -setairportpower $wifi on
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 03:56 PM
Pretty sure this can be done in a single profile (we do this for out computer cert wireless).
Basically, the profile includes BOTH the cert request & the wi-fi payloads.
In the Wi-Fi payload, set your auth type & you should have an option for an "identity" or "certificate"
You should then be able to select the cert in your Certificate payload.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-27-2014 05:47 PM
/url][/url">@bentoms][/url][/url, we have the same issue. I'm almost able to get it to work! Might need your assistance on it. Might post it to my "blog" *cough* [http://gatora1d.wordpress.com
I've been working on this one for a while, the issue is you can't do the identity through the payload. But for real guys, I'm almost able to get this to work, it's not something networksetup command line too is able to do. I'm having to use other means. Maybe and applescript to toggle the options, but I'm close.
*Edit: Almost done, having to write it in applescript so I can toggle the menu's accordingly....Should be done in the am.
