Mac and TLS computer certificate

Cem
Valued Contributor

How can I add "host/`networksetup -getcomputername`.mycompany.com" into the "User Name" area, as in the System 802.1x profile in Network Prefs? What is the command line for this?

Also, how can I trust the computer cert in the System 802.1x profile, again using the command line? I am using the command below, but it doesn't seem to be working. This can be done by clicking the Configure button and selecting the cert. NOT to mix up with the Configure Trust button.

```
networksetup -settlsidentityonsystemprofile AirPort /${computername}.mycompany.com.pfx mypassword
```

I am already importing the .networkConnect with cert trusts. I just need the unique computer cert trust.

```
networksetup -import8021xProfiles AirPort /private/tmp/companyWIFI.networkConnect
```

Any input welcome … no manual for this, grrrr!

Cem


sean
Valued Contributor

Cem,

Never done this, but I notice, as you've mentioned, networksetup has options for import and export of 8021x profiles! Have you tried creating the setup as you want and then using the export feature to see what the output is? There may be clues from an export!

As for `networksetup -getcomputername`.mycompany.com

`hostname` does all of this

Sean

Cem
Valued Contributor

Yeah, I think it writes the hostname in here: /Library/Preferences/SystemConfiguration/preferences.plist. PlistBuddy should do it. I am trying to figure it out, as it's quite a long text file.

Definitely nothing to do with the trust bit though.

Cem
Valued Contributor

I think I needed to add Airport off and on flags for the script to work.

But I'm still puzzled about the /Library/Preferences/SystemConfiguration/preferences.plist file manipulation. I have managed to add the UserName as below, but I don't know what this number is: AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4 (some UUID, I believe).

```
/usr/libexec/PlistBuddy /Library/Preferences/SystemConfiguration/preferences.plist -c "delete Sets:AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4:Network:Interface:en1:EAPOL:UserName string "host/`networksetup -getcomputername`.mycompany.com""
```

Regards

Cem

Cem
Valued Contributor

TYPO: supposed to be the `add` flag, not `delete`.

Cem
Valued Contributor

Well, I have now decided to print /Library/Preferences/SystemConfiguration/preferences.plist as txt, then grab the info.

```
/usr/libexec/PlistBuddy /Library/Preferences/SystemConfiguration/preferences.plist -c "print Sets" > /private/tmp/copy.preferences.plist.txt
```

And the first few lines read like this:

```
Dict {
    AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4 = Dict {
        Network = Dict {
            Service = Dict {
```

I now want to grab the unique ID "AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4" on the second line, which also has 4 spaces in front. How can I achieve this by using grep or sed? Or maybe some other method?

Thanks

Cem

sean
Valued Contributor

Cem

Try this

```
defaults read /Library/Preferences/SystemConfiguration/preferences | grep -A 1 "^ \{4\}Sets" | tail -1 | cut -d '"' -f 2
```

Sean

Cem
Valued Contributor

Mate you are a star :)
Works perfectly
Thanks!

Cem
Valued Contributor

Hmmm. I would think that should have worked. This is my postflight script with the companyWifi.networkConnect package. The only issue I am having is that ${UID} is still not working. It creates 0 under Sets instead of putting the info under the UID.

```
/usr/libexec/PlistBuddy /Library/Preferences/SystemConfiguration/preferences.plist -c "add Sets:${UID}:Network:Interface:en1:EAPOL:UserName string "host/${computername}.mycompany.com""
```

Any ideas?

Also, the reason I am using `networksetup -getcomputername` is that `hostname` returns with a .local prefix.

Here is the full script:

```sh
#!/bin/sh
## postflight

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

computername=$(networksetup -getcomputername)
# UID is a read-only variable in bash (which is what /bin/sh is on macOS), preset to the
# running user's numeric id (0 as root), so this assignment is refused and ${UID} stays 0;
# a differently named variable is needed here
UID=$(defaults read /Library/Preferences/SystemConfiguration/preferences | grep -A 1 "^ \{4\}Sets" | tail -1 | cut -d '"' -f 2)

networksetup -import8021xProfiles AirPort /private/tmp/companyWifi.networkConnect

/bin/sleep 3 #allow some time

networksetup -enablesystemprofile AirPort companyWifi

/bin/sleep 3 #allow some time

# keep a timestamped backup of the plist before touching it
cp /Library/Preferences/SystemConfiguration/preferences.plist /Library/Preferences/SystemConfiguration/preferences.plist_original_$(date +%M-%H-%m-%d-%y)

/usr/libexec/PlistBuddy /Library/Preferences/SystemConfiguration/preferences.plist -c "add Sets:${UID}:Network:Interface:en1:EAPOL:UserName string "host/${computername}.mycompany.com""

networksetup -settlsidentityonsystemprofile AirPort /${computername}.mycompany.com.pfx mypassword

/bin/sleep 3 #allow some time

exit 0 ## Success
exit 1 ## Failure
```

Cem

Cem
Valued Contributor

Basically, all I am trying to achieve is to put the host/fqdn into the 802.1x System Profile, as in the attached screen grab. Is there a smarter way of doing it? I want to do this without user interaction.

![external image link](attachments/b8e8dfa5c22f44559ccc487c52905bef)

Cem
Valued Contributor

Scripting the creation of a per-client 'companyWifi.networkConnect' file may be the way to go? Any suggestions regarding command lines on how to add the host/fqdn into the UserName area while creating this?

sean
Valued Contributor

You have two quotes after mycompany.com, a quote before add and a quote before host! Is this right?

Sean

Cem
Valued Contributor

yes

Cem
Valued Contributor

OK, I think I will be changing the strategy on how to approach this. I think manipulating the preferences.plist could be fatal, so I will edit the 'companyWifi.networkConnect' file instead. I will need to add the following info into the 'companyWifi.networkConnect' xml file. Line numbers are 375 and 376. Also 5 tab keys or 20 space keys in front of each line.

```
<key>UserName</key>
<string>host/fqdn</string>
```

you think this is doable?

Or shall I look into exporting the .networkConnect file individually per Mac, then importing it back?

Promise I will share the outcome :)

It's all about using EAP-TLS & ACS and AD, using Casper to set it up without user interaction.

Cem

sean
Valued Contributor

I've never used plistbuddy, but I don't believe this can be right.

Broken down, you have two quoted sections.

First:

"add
Sets:${UID}:Network:Interface:en1:EAPOL:UserName string
"

Second:

""

and in between these you have the following section not in quotes

host/${computername}.mycompany.com

I'm going to guess you were hoping that you had:

"host/${computername}.mycompany.com"

inside the other quotes, but you don't, it doesn't work like that! I'd try removing the quotes around the host line:

```
/usr/libexec/PlistBuddy /Library/Preferences/SystemConfiguration/preferences.plist -c "add Sets:${UID}:Network:Interface:en1:EAPOL:UserName string host/${computername}.mycompany.com"
```

Sean
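An added example, not code from this thread, that does the same two steps the posts above work out with grep and PlistBuddy (find the active location's UUID, then set the EAPOL UserName under it) using Python's plistlib, which sidesteps the quoting problem entirely. The sample plist and the computer name are constructed placeholders; it assumes the real file's CurrentSet key holds "/Sets/<uuid>" for the active location.

```python
import plistlib

# Constructed sample of preferences.plist, reduced to the keys this example touches.
# The UUID is a made-up placeholder; a real file holds one entry per network location.
SAMPLE_PREFS = plistlib.dumps({
    "CurrentSet": "/Sets/AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4",
    "Sets": {"AEB3DFF3-3BB6-4D24-9A9F-33001ADEBAA4": {
        "Network": {"Interface": {"en1": {}}}}},
})
# Constructed broken sample: CurrentSet points at a location that does not exist.
BAD_PREFS = plistlib.dumps({"CurrentSet": "/Sets/missing", "Sets": {}})


def _set_uuid(prefs):
    """CurrentSet is '/Sets/<uuid>'; return <uuid> only if that set really exists."""
    current = prefs.get("CurrentSet", "")
    uuid = current[len("/Sets/"):] if current.startswith("/Sets/") else ""
    if not uuid or uuid not in prefs.get("Sets", {}):
        raise ValueError("CurrentSet does not name a known set: %r" % current)
    return uuid


def current_set_uuid(prefs_bytes):
    """UUID of the active location (the value the thread extracts with grep and cut)."""
    return _set_uuid(plistlib.loads(prefs_bytes))


def host_identity(computer_name, domain):
    """EAP-TLS machine identity of the form host/<computername>.<domain>."""
    return "host/%s.%s" % (computer_name.strip(), domain)


def set_eapol_username(prefs_bytes, username, interface="en1"):
    """Set Sets:<current>:Network:Interface:<iface>:EAPOL:UserName; return the new plist."""
    prefs = plistlib.loads(prefs_bytes)
    network = prefs["Sets"][_set_uuid(prefs)].setdefault("Network", {})
    iface = network.setdefault("Interface", {}).setdefault(interface, {})
    iface.setdefault("EAPOL", {})["UserName"] = username
    return plistlib.dumps(prefs)


def get_eapol_username(prefs_bytes, interface="en1"):
    """Read the value back so the change can be verified before it is written to disk."""
    prefs = plistlib.loads(prefs_bytes)
    return prefs["Sets"][_set_uuid(prefs)]["Network"]["Interface"][interface]["EAPOL"]["UserName"]


if __name__ == "__main__":
    # On a real Mac: read the file, write the result to a copy, verify, then swap it in.
    updated = set_eapol_username(SAMPLE_PREFS, host_identity("mac0123", "mycompany.com"))
    print(current_set_uuid(updated), get_eapol_username(updated))
```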

mscottblake
Valued Contributor

What is your goal with this script?

I have a script that sets a lot of those settings. It sets up a profile for a Login Window to use with wireless AD authentication. I'm including my script for reference. I know changes will need to be made, but hopefully it can guide you well enough.

```sh
#!/bin/sh

# Define the plist files for easier reference...
EAPLoginWindow=/Library/Preferences/SystemConfiguration/preferences.plist

# Set up some variables...
wireless="WVU.Encrypted"
uuid=$(uuidgen)
netuuid=$(uuidgen)
# CurrentSet is stored as <string>/Sets/<uuid></string>; with the file's one-tab indent
# the uuid occupies characters 16-51 of that line
setuuid=$(grep /Sets/ "$EAPLoginWindow" | cut -c 16-51)

# Delete the old settings
/usr/libexec/PlistBuddy -c "Delete :Sets:$setuuid:Network:Interface:en1:Airport" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Delete :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow" $EAPLoginWindow

# Configuring the Login Window settings...
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport dict" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PowerEnabled bool true" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PreferredNetworks array" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PreferredNetworks:0 dict" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PreferredNetworks:0:SSID_STR string $wireless" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PreferredNetworks:0:SecurityType string WPA2 Enterprise" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:Airport:PreferredNetworks:0:Unique Network ID string $netuuid" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow dict" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid dict" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:EAPClientConfiguration dict" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:EAPClientConfiguration:AcceptEAPTypes array" $EAPLoginWindow
# EAP type 25 is PEAP
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:EAPClientConfiguration:AcceptEAPTypes:0 integer 25" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:UniqueIdentifier string $uuid" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:UserDefinedName string $wireless" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:Wireless Network string $wireless" $EAPLoginWindow
/usr/libexec/PlistBuddy -c "Add :Sets:$setuuid:Network:Interface:en1:EAPOL.LoginWindow:$uuid:Wireless Security string WPA2 Enterprise" $EAPLoginWindow

/usr/libexec/airportd en1 prefs DisconnectOnLogout=Yes JoinMode=Automatic JoinModeFallback=Prompt RememberRecentNetworks=Yes RequireAdmin=Yes RequireAdminIBSS=Yes RequireAdminNetworkChange=No RequireAdminPowerToggle=Yes

/usr/sbin/networksetup -setairportpower airport on

# Add certificate to trusted list (trusted as a root for the EAP policy only)
security add-trusted-cert -d -r trustRoot -p eap -k "/Library/Keychains/System.keychain" "/private/var/tmp/cert.WVU.Encrypted.pem"

exit 0
```

I can explain further if needed,
Scott

Cem
Valued Contributor