Our school uses MAC filter to assign SSID's to iPads (and to block unknown devices from wifi, etc.). iOS 14 wifi per default uses Private Address, which causes problems on new devices and devices which just have been wiped (updates devices seem to work fine), because since they use private address, our MAC filter doesn't recognise them anymore (until you manually disable private address). Request: disable private address. Thnx!
check out this thread...it's an Apple feature. Short version: Jamf implemented what Apple put in the MDM spec...Apple's checkbox disables MAC address randomization, but doesn't make the switch in Settings immutable...Apple is the one who needs to fix it. I feel your pain because we are in the same boat: https://www.jamf.com/jamf-nation/feature-requests/9733/change-private-address-setting-via-profile-on-ios-14
@blackholemac While I have seen the setting in Intune (server-side), I haven't seen how it looks once applied on a production iOS 14 device yet. Didn't realize that an end-user could still toggle it manually (I assumed the setting would be greyed-out/immutable).
Update: I am seeing the same behavior as you are. Users can toggle the 'Private Address' setting if they want (Assuming the drill deep enough into the wi-fi network settings.)
From Apple: iOS 14.2 beta 4 has it set so an end user cannot modify this in the GUI when set. My recent observations: Unfortunately, I tried to set the setting through Jamf profiles while the device was still on iOS 13.x. When the device was upgraded, it did NOT take. HOWEVER, when wiped and on iOS 14.2 beta 4 natively, it worked.
@blackholemac I'm seeing the same thing. I have 200+ iOS devices on iOS 13 (in Intune and Jamf - long story) that are getting updated to iOS 14 at the user's discretion (IT doesn't currently enforce an OS policy) and NONE of them appear to be honoring the profile setting after the update.
I see only 4 options for us:
-New devices iOS 14 will be managed correctly. Example: new iPhone 12s that are getting ordered/deployed (with iOS 14).
-IT staff sets the Private Address manually for the end-users (or trains users how to do it via a KB article etc).
-IT wipes all managed devices and installs iOS 14 clean then re-enrolls into MDM. Nope!
-Scope the profile to only iOS devices running iOS 14? This wont work for me in Intune due to the way our wi-fi profiles are configured.
COVID-19 makes this situation worse. IT has no idea what users will be on-site (and need wi-fi) and who doesn't.
This is gonna be ugly.
I guess I am missing something. Where is this setting found? I am running 14.2 and have Disable MAC Address Randomization checked but the end user can still turn it back on. It there a restriction I need to set somewhere to make it immutable?