Hello Jacob,

many thanks for your fast reply! I will try it right away, and will keep you informed!

Best regards,
Kevin

Hello Jacob,

in general, a script with all the adapters in the list, did run through successfully. Unfortunately, we can't tell which adapters our users might have. Is there a way to just order a few of the network adapters(our standards) and leave the rest in a random order?

Thanks and best regards,
Kevin

I believe you need to enter all of the services in the command or it errors out. You could, however, use the -listnetworkserviceorder option and store them in variables. From there, you could put them in the order you want. As long as you have at least one model of each type of device, you can find the possible service names and incorporate them into your script.

You will probably need to do some work parsing the output down to what you want, but it could look something like this:

ethernetService=$(networksetup -listnetworkserviceorder | grep "Ethernet")
wirelessService=$(networksetup -listnetworkserviceorder | grep "Wi-Fi")
networksetup -ordernetworkservices "$ethernetService" "$wirelessService"

Hello Jacob,

it did indeed give me an error,which was sorted out by adding all my current adapters:

Script result: An asterisk (*) denotes that a network service is disabled. (1) BearingPoint Office Access (Hardware Port: IPSec, Device: ) (2) BearingPoint Office Access Tunnel All (Hardware Port: IPSec, Device: ) (3) Wi-Fi (Hardware Port: Wi-Fi, Device: en0) (4) Thunderbolt Ethernet (Hardware Port: Thunderbolt Ethernet, Device: en2) (5) Thunderbolt Bridge (Hardware Port: Thunderbolt Bridge, Device: bridge0) (6) Bluetooth PAN (Hardware Port: Bluetooth PAN, Device: en3) (7) iPhone USB (Hardware Port: iPhone USB, Device: en4) (8) Infonova Office (Hardware Port: IPSec, Device: ) (9) Bluetooth DUN (Hardware Port: Bluetooth DUN, Device: Bluetooth-Modem)

I will try to follow your advice and keep you updated!

Many thanks!

Hello Jacob,

do you have any idea, where I can find out the service names of certain adapters? Wifi and Ethernet is clear for me, but do you know how to classify VPN Adapters and the other standard devices?

Thanks!

Jacob, you can view the man page for networksetup by entering

man networksetup

It contains a full list of flags & descriptions of what is available. The flag that will show you everything available on a given machine is -listallnetworkservices

Yes, the -listallnetworkservices will give you their names. If you want to see just the names, instead of the numbers, ports, device names, etc. Try this:

networksetup -listnetworkserviceorder | cut -d')' -f2 | sed '/^$/d' | sed '1d'

This will show just the names of the services for that computer.

Hello Chris, Jacob,

again, many thanks for your help. I've come so far by now:

Services=$(networksetup -listnetworkserviceorder | cut -d ')' -f2 | sed '/^$/d' | grep -viE '|Wi-Fi|Thunderbolt' | sed '1d' | sed 's/^.//' |sed 's/$/"/' | sed 's/^/"/' | tr " " " ")
networksetup -ordernetworkservices " Wi-Fi "Thunderbolt Ethernet" "Thunderbolt Bridge" "$Services"

Unfortunately it still gives me this error:

Executing Policy Change Network Service Order...
[STEP 1 of 1]
Running script Change Network Service Order...
Script exit code: 4
Script result: Wrong number of network services... No changes have been made. Note: Quotes must be used around service names which contain spaces (ie. "Built-in Ethernet"). ** Error: The parameters were not valid.

Do you have any idea, what might be wrong here?

Thanks!

Passing "$Services" will cause the list to expand to include everything on that machine - which you've already stated. Here's what I get after running the first part of your script:

Kemp-Mac-pro:~ ckemp$ echo $Services
"Ethernet 1" "Ethernet 2" "Bluetooth DUN" "FireWire" "Bluetooth PAN"

So the command, if I set it up like you have, would expand $Services to look like this:

networksetup -ordernetworkservices "BearingPoint Office Access" "BearingPoint Office Access Tunnel All" Wi-Fi "Thunderbolt Ethernet" "Thunderbolt Bridge" "Ethernet 1" "Ethernet 2" "Bluetooth DUN" "FireWire" "Bluetooth PAN"

A total of 10 network services - where the first part of the script shows that my machine only has 5.

If you're certain that the named network services all exist on your machines, then try removing $Services from the command.

Warning: TMI Ahead!

A more intricate approach would be: 1. Create the network services individually for each machine type;
1. Remove the existing ones (These steps are necessary because I found that you can't remove the last network service from the machine);
1. Set the order according to your script above.

I've done this on some of our Mac Pros here, where we want them to only have wired Ethernet access, disable everything else, and to set the order of interfaces according to which network stack we want them to use. It takes a bit of futzing around to get things sorted, but once it is there it works great, so long as you account for every network device.

Hello Chris,

thanks for the update. Unfortunately, as we have currently 1000 active MacBook Airs, the solution of removing existing network services and replacing them in the correct order, won't be applicable, as there might be users who already added client VPNs etc.

We are working on a different solution at the moment, and will keep you informed.

Thanks for your help!

It's a bit messy, but you could try something like this:

# Find out how many services are on the device
numberOfServices=$(networksetup -listnetworkserviceorder | cut -d')' -f2 | sed '/^$/d' | sed '1d' | sed -e 's/^[ 	]*//' | wc -l)
echo $numberOfServices

# Save each service into a variable
serviceOne=$(networksetup -listnetworkserviceorder | cut -d')' -f2 | sed '/^$/d' | sed '1d' | sed -e 's/^[ 	]*//' | awk NR==1)
serviceTwo=$(networksetup -listnetworkserviceorder | cut -d')' -f2 | sed '/^$/d' | sed '1d' | sed -e 's/^[ 	]*//' | awk NR==2)
serviceThree=$(networksetup -listnetworkserviceorder | cut -d')' -f2 | sed '/^$/d' | sed '1d' | sed -e 's/^[ 	]*//' | awk NR==3)

# Add quotes to each service
serviceOneInQuotes=$(echo ""$serviceOne"")
serviceTwoInQuotes=$(echo ""$serviceTwo"")
serviceThreeInQuotes=$(echo ""$serviceThree"")

# Use the quoted one in the command
echo $serviceOneInQuotes
echo $serviceTwoInQuotes
echo $serviceThreeInQuotes

networksetup -ordernetworkservices $serviceTwoInQuotes $$serviceThreeInQuotes

I haven't tested it or anything, but maybe it could give you some more ideas...

@Kevin.mueller][/url, the method I described is best done when a system is newly set up, or at least when the interfaces are predictable.

Good that you found a solution though!

Hi there,
Hope you're all fine and safe. From my company we're trying as well to correctly manage our network service order interface, within a solution similar than @Kevin.mueller][/url was mentioned was working for him but unfortunately we're continuously getting the error above reported on this same thread, regarding to Wrong number of network services... No changes have been made.
Note: Quotes must be used around service names which contain spaces (ie. "Built-in Ethernet").
Error: The parameters were not valid.
exit 0
Note: Quotes must be used around service names which contain spaces (ie. "Built-in Ethernet").
Error: The parameters were not valid.
exit 0
I was wondering if any of you guys, could you guide me about how to get this issue sorted out. So basically below is my current code and the output we're getting once executed the sh.
set -x

this is the list of networks that are , in order, going to be forced to be on top of the list of the service order.

declare -a preordered=(""LEWIS VPN – EU - Antwerp"" ""LEWIS VPN – EU – Barcelona"" ""LEWIS VPN – EU – Dusseldorf"" ""LEWIS VPN – EU – Eindhoven"" ""LEWIS VPN – UK – London"" ""LEWIS VPN – EU – Madrid"" ""LEWIS VPN – EU – Milan"" ""LEWIS VPN – EU – Paris"" ""LEWIS VPN – US – Boston"" ""LEWIS VPN – US – San Diego"" ""LEWIS VPN - US - San Francisco"")

this is gathering the list of existing network services, excluding the ones above , preserving the order

declare -a existingservices=($(networksetup -listnetworkserviceorder|grep ') '|grep -v asterisk|grep -v "LEWIS VPN"|grep -v "Wi-Fi"|sed -e 's/[(][0-9][)] //' | xargs -I{} echo "{}" ))

combining the two lists , preserving the order

declare -a new=("${preordered[@]}" "${existingservices[@]}")

creating a script to enforce the new order of services

echo networksetup -ordernetworkservices "${new[@]}" Wi-Fi | bash

exit 0

EnforceNetworkOrder1703.sh

LEWIS VPN – EU – Antwerp

LEWIS VPN – EU – Barcelona

LEWIS VPN – EU – Dusseldorf

LEWIS VPN – EU – Eindhoven

LEWIS VPN – EU – Madrid

LEWIS VPN – EU – Milano

LEWIS VPN – EU – Munich

LEWIS VPN – US – San Diego

LEWIS VPN – US – San Francisco

LEWIS VPN – UK – London

LEWIS VPN – US – Boston

Updated by Iñaky Martinez Goyanes on 18/03/2020.

---

lewis@MADLPT-SPARE001 ~ % sh ~/Desktop/EnforceNetworkOrder1703.sh
preordered=(""LEWIS VPN – EU - Antwerp"" ""LEWIS VPN – EU – Barcelona"" ""LEWIS VPN – EU – Dusseldorf"" ""LEWIS VPN – EU – Eindhoven"" ""LEWIS VPN – UK – London"" ""LEWIS VPN – EU – Madrid"" ""LEWIS VPN – EU – Milan"" ""LEWIS VPN – EU – Paris"" ""LEWIS VPN – US – Boston"" ""LEWIS VPN – US – San Diego"" ""LEWIS VPN - US - San Francisco"")
declare -a preordered
existingservices=($(networksetup -listnetworkserviceorder|grep ') '|grep -v asterisk|grep -v "LEWIS VPN"|grep -v "Wi-Fi"|sed -e 's/[(][0-9][)] //' | xargs -I{} echo "{}" ))
networksetup -listnetworkserviceorder
grep ') '
grep -v asterisk
grep -v 'LEWIS VPN'
grep -v Wi-Fi
sed -e 's/[(][0-9][)] //'
xargs '-I{}' echo '"{}" '
declare -a existingservices
new=("${preordered[@]}" "${existingservices[@]}")
declare -a new
echo networksetup -ordernetworkservices '"LEWIS VPN – EU - Antwerp"' '"LEWIS VPN – EU – Barcelona"' '"LEWIS VPN – EU – Dusseldorf"' '"LEWIS VPN – EU – Eindhoven"' '"LEWIS VPN – UK – London"' '"LEWIS VPN – EU – Madrid"' '"LEWIS VPN – EU – Milan"' '"LEWIS VPN – EU – Paris"' '"LEWIS VPN – US – Boston"' '"LEWIS VPN – US – San Diego"' '"LEWIS VPN - US - San Francisco"' '"Thunderbolt' 'Ethernet"' '"Bluetooth' 'PAN"' '"Thunderbolt' 'Bridge"' Wi-Fi
bash
Wrong number of network services... No changes have been made.
Note: Quotes must be used around service names which contain spaces (ie. "Built-in Ethernet").
** Error: The parameters were not valid.
+ exit 0

My suspect is something involved with simple quotes that are being added as part of my $existingservices variable, but not sure, and starting to feel lost with this workaround, any comment or guidance would be really appreciated.

Cheers,
Iñaky