Help

Keychain addition during imaging

jstrauss
Contributor

Posted on ‎01-26-2009 08:31 AM

Hey all,

Is there a way to add an entry to the Keychain during imaging with a script? Basically, I'd like to use one base image, but insert one of a few scripts somewhere that will add the client to a specified wireless SSID. Possible, or does the SSID have to be added to the keychain before taking a base image?

Thanks,

Jeffrey A. Strauss
Department of Educational Technology
Systems Administrator
Loyola High School of Los Angeles
1901 Venice Blvd.
Los Angeles, Ca 90006
(213) 381-5121 x265

Please consider the environment before printing this e-mail.

0 Kudos
4 REPLIES 4

tlarkin
Honored Contributor

Posted on ‎01-26-2009 08:43 AM

I have Apple Enterprise support and I tried doing this exact same thing. This is what I was told by Apple engineers in a nutshell. Using the
networksetup binary along with the security binary fill in fact add the
SSID you want and it will create a keychain, however there is no way to
input any kind of encryption key due to it's limitation. I was told by
them to just replace the whole system keychain, which can be packaged
with Composer and installed as a post image package.

here is the down side, it will over write any existing keychain thus
destroying anything the user has in place with their keychain. If you
sync user keychains I am not sure what would happen. I asked them to
forward it to development as a feature request.

If you can actually make it work I would love to know I came up with
dead ends and ended up creating a new package via Composer.


Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351

0 Kudos

milesleacy
Valued Contributor

Posted on ‎01-26-2009 08:52 AM

How secure does it have to be?
The following, as an "at reboot" script should do the trick.

networksetup -setairportnetwork <network> <password>

Of course, that means putting a password in a script, which shouldn't be
done lightly.

----------
Miles A. Leacy IV

? Certified System Administrator 10.4
? Certified Technical Coordinator 10.5
? Certified Trainer
Certified Casper Administrator
----------
voice: 1-347-277-7321
miles.leacy at themacadmin.com
www.themacadmin.com

0 Kudos

Bukira
Contributor

Posted on ‎01-26-2009 08:53 AM

So u want to add a wireless ssid to a computer with a password that the client doesn't have?

Rather than get each client to login to the ssid?

Is that right? So when they login the mac connects to the ssid with an existing password

Criss

0 Kudos

tlarkin
Honored Contributor

Posted on ‎01-26-2009 10:57 AM

That will not add in the encryption key into the keychain though, that
is the whole snag


Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351

0 Kudos