Posted on 11-18-2011 04:19 AM
Hi,
I am still battling to automate EAP-TLS 802.1x for Mac OS 10.6. Initially
I wanted to implement this with zero user interaction. But the broken command
line (confirmed by Apple: this command doesn't work after 10.6.4)
"networksetup -settlsidentityonsystemprofile" (sample below) is a show stopper.
networksetup -settlsidentityonsystemprofile AirPort /$computername.yourcompany.com.pfx somepassword
BTW I have got it working with a user-level 802.1x user profile and all seems
to work rather smoothly. But we have experienced unstable connections, and it
requires users to click connect every now and then (not an ideal user
experience). So we went back to the drawing board again to use the system
level (802.1x System Profile).
This is where I am stuck:
I want to automate assigning a pfx (same as .p12) formatted computer cert to
the 802.1x system profile. It only works in the GUI. Here are the
buttons I have to click to get this to work:
Open Network Preferences => Airport => Advanced => 802.1x => Select System
Profile => Select TLS => click the "Configure..." radio button
After clicking the "Configure..." radio button it prompts for an admin username
and password. Then all works.
I have tried AppleScript but only got it to work as far as opening the 802.1x tab.
tell application "System Preferences"
    activate
    set the current pane to pane id "com.apple.preference.network"
    -- list the anchors available in the Network pane
    get the name of every anchor of pane id "com.apple.preference.network"
    -- open the Advanced sheet for AirPort
    reveal anchor "Advanced Airport" of pane id "com.apple.preference.network"
    tell application "System Events"
        tell application process "System Preferences"
            -- radio button 5 switches the sheet to the 802.1x tab
            click radio button 5 of tab group 1 of sheet 1 of window "Network"
        end tell
    end tell
end tell
I can't get these lines to work to click the "Configure..." button to select
the cert.
select text field 1 of row 2 of outline 1 of scroll area 1 of tab group 1 of sheet 1 of window "Network"
select text field 1 of row 1 of table 1 of scroll area 1 of group 1 of tab group 1 of sheet 1 of window "Network"
click button "Configure…" of group 1 of tab group 1 of sheet 1 of window "Network"
Is there a more elegant way to get this automated, including without the admin
credentials pop-up window?
Thanks for looking.
Cem
Posted on 11-24-2011 07:47 AM
Sorted :)
I have posted the solution here. Contact me if you need more info.
https://www.jamfnation.com/discussion.html?id=43