Issue with auto-joining a hidden Wi-Fi network from Config Profile

clint_arndt
New Contributor II

Hello,

We are opening a new HQ office space and are using this as an opportunity to launch a new hidden corporate network (our executives won't budge on the network being hidden) with a new password that isn't shared with employees. The idea is that the only way to connect to the network is with the Profile we created in Jamf. I have already pushed this profile to all of our managed clients and today when an employee came to the space to see how the move progress was going I noticed that their machine did not automatically join the network. I'm a bit confused by this because our profile payload is set for this network to auto join. What's even more odd is after excluding this employee's machine from the profile and then redistributing to them, their machine connected as expected. Am I missing something with this profile payload? Does the profile only auto join the network if the network is present at the time the profile is installed?

7 REPLIES 7

larry_barrett
Valued Contributor

What kind of device?

clint_arndt
New Contributor II

This specific instance was with a 15in MacBook Pro but the profile is being deployed to all of our managed Macs.

larry_barrett
Valued Contributor

Is it possible the computer in question was on a guest network (or any other network at the original site) without access to your JAMF instance when you pushed out the profile? Just because you pushed it doesn't mean it was received and installed.

clint_arndt
New Contributor II

No when I noticed that they were not connected to the network I confirmed that the network payload was in System Preferences > Profiles. It's almost as if the network is not present at the time the profile is not installed, then macOS doesn't know what to do with it. I was able to get the machine to connect to the network in question by doing the following:

  • manually connected them to a temp network
  • removed the profile
  • re-added the profile

sdagley
Honored Contributor II

@clint.arndt You are correct, if the SSID your profile is trying to connect to isn't available when the profile is download it won't install the configuration for it.

clint_arndt
New Contributor II

@sdagley That's unfortunate, how would you work around this?

sdagley
Honored Contributor II

@clint.arndt It's kind of convoluted but you could have a script that is run by a Policy that’s triggered if the profile isn’t installed on a target machine that uses the airport tool to check for the presence of the SSID you’re looking for. If it’s present the script uses the Jamf Pro API to add the Mac to a Static Group that’s the target scope of your Wi-Fi Configuration Profile.

This of course requires the Mac have some network connectivity in the 1st place so it can communicate with your JSS.