Help

Delay Policy Success Reporting

johnnasset
Contributor

Posted on ‎12-08-2014 01:41 PM

We have a number of clients who are connecting to our guest network while logged in to an AD account and as a result, can not log back in to the machine until it is plugged into an ethernet port. Here is the script I'm using to clean up the preferred network list and require admin privs to change networks:

#!/bin/sh

#Determines Wi-Fi Interface, clears out all preferred networks and re-add's hsd2

wifi=`/usr/sbin/networksetup -listallhardwareports | grep -A 1 Wi-Fi | grep Device | awk '{print $2}'`

networksetup -removeallpreferredwirelessnetworks $wifi

networksetup -setairportpower $wifi off

networksetup -setairportpower $wifi on

networksetup -addpreferredwirelessnetworkatindex $wifi hsd2 0 WPA2 somepasswordhere

networksetup -setairportnetwork $wifi hsd2 

sleep 20

/usr/libexec/airportd prefs RequireAdminNetworkChange=YES

sleep 20

This is placed at /Library/Application Support/JAMF/bin and then executed with an sh command within the policy. The script is executing perfectly for those devices on the guest network. They will drop all preferred networks and reconnect back to the hsd2 network, however the JSS is reporting the script as failed, which I'm guessing is due to the network connection being severed while the policy is running. Here is a sample error log:

Executing Policy Wi-Fi Cleanup...
Downloading https://xxx.xxx.org/CasperShare/Packages/WiFiCleanup.dmg...
Error: Could not connect to the HTTP server to download WiFiCleanup.dmg
Retrying using distribution point Minixserver...
Downloading https://xxy.xxy.org/CasperShare/Packages/WiFiCleanup.dmg...
Verifying DMG...
Verifying package integrity...
Installing WiFiCleanup.dmg...
Closing package...
Running command sh /Library/Application Support/JAMF/bin/WiFiCleanup.sh...
Result of command:
Removed the preferred networks list for en1
Security type is set to: WPA2 Personal
Added hsd2 to preferred networks list
Failed to join network hsd2.
Error: -3905 The operation couldn’t be completed. (com.apple.wifi.apple80211API.error error -3905.)Failed to join network hsd2.
Error: -3905 The operation couldn’t be completed. (com.apple.wifi.apple80211API.error error -3905.)Failed to join network hsd2.
Error: -3905 The operation couldn’t be completed. (com.apple.wifi.apple80211API.error error -3905.)
The results of this policy were not logged at the time of execution.
The actual execution time was Mon Dec 8 11:16:50 MST 2014.

Is there any way other than the sleep command to delay the reporting back to the JSS so I don't get these erroneous failure logs?

Thanks,
John

0 Kudos
Reply
1 REPLY 1

davidacland
Honored Contributor II

Posted on ‎12-08-2014 02:05 PM

The only alternative I can think of is to only have the policy deliver the script, but not actually run it. A LaunchDaemon could be watching the folder and when the script appears, automatically run it. The downside is that its getting around the reporting issue by not reporting.

I would go with a sleep delay and see if that works better.

0 Kudos
Reply