Posted on 09-19-2017 02:38 PM
We currently deploy a wifi network to our school iPads via a configuration profile. It's a network with wpa2 encryption, but the password is pushed in the profile so users do not know the password.
In iOS 11, with Wifi sharing, if a user has access to a wifi network they can add that network to other devices without having to enter the password.
Does anyone know a way we can restrict wifi sharing - so users cannot put their own personal devices on the main wifi network?
Posted on 09-20-2017 02:29 PM
Our devices are all supervised. We haven't been able actually make the feature work. We are wondering if this feature doesn't work on devices that are either supervised or just enrolled in an MDM system. We haven't tested on an enrolled but unsupervised device yet.
There is also another posting about this as well as a feature request.
Posted on 09-26-2017 03:52 PM
In case anyone else is interested I got a reply back from @iPad_Sheriff on the feature request posting saying that it will work on supervised devices. In order for the feature to work, both devices need to be the same Bluetooth level, both devices need to have BT turned on, and the sending device needs to have the contact (Apple ID, phone number, etc.) of the receiving device in its Contacts list. The device already connected to the network has all the control in the situation; it will only be prompted to add another device to the network if you’re in the devices’s contacts. What I still don't know is if it will share a wifi password that has been placed on the device via a configuration profile.
Posted on 09-26-2017 06:47 PM
I tested it out today with a supervised DEP enrolled iPad and it successfully worked. The wireless (like yours) @avibloomsar is synced down via a profile.
It makes no difference whether the password was synced down via a profile. This is a big issue -- it is only inevitable that someone syncs it to their phone and then uses Keychain on a Mac to get the password.
The only way I have found to successfully stop this is to disable Airdrop on the devices.
Posted on 11-28-2017 09:34 PM
Hi,
I´ve got the same "problem" in all of our schools. The don´t want this new feature but must use AirDrop. The students are now able to connect their private devices to the schools Wi-Fi without knowing the password.
That´s not a feature for them :(
Would be great to have the option to disable this function on supervised devices.
Best Regards,
Christian
Posted on 12-15-2017 12:30 PM
We were never able to get it to replicate either but we have been banning hundreds of devices a week over the last few weeks is there a certain version of the OS that we know this works on versus doesn't work on. Our SE told us 10.1 or below but since I can't even get this to replicate on 11.0.1 devices I can't be certain. I have also been told it doesn't work on Supervised devices but then I see its working in our environment not sure what is right. Either way this just feels like another huge oversight by Apple in regards to Enterprise/Schools letting managed devices share a wifi password in either of those environments is just ridiculous.