Push Configuration Profile to OSX w/ limitation

New Contributor III

Hello, I need to push out a new WiFi configuration to OSX hosts. It has a some certificates generated from an internal host, so this policy can only be deployed when machines are on our internal office network. If these are deployed when the systems are at home, they fail and it causes a mess.

My thought was to scope the configuration profile to a pre-defined group of users. I would then add a network segment as a limitation, so it would only be installed while machines are on our internal network. This worked fine, until the machine traveled outside of that scoped network segment. The machine then falls out of scope, and is removed. Ugh.

Has anyone suggestions on getting around this?