Help

Re-installing a 802.1x configuration profile

yurypanasyuk
New Contributor III

Posted on ‎03-23-2017 09:34 PM

Hello,

I am looking for help on re-installing a single wifi config profile using bash. This is what I have currently. It works fine but at the beginning I get this prompt, "Enter the profile removal password:". I just press 'Enter' since there is no password. Anyway of bypassing this or a way to script in the 'Enter' key ('expect' command possibly?) Ive tried re-installing the config profile by profile identifier and from the profile file. Same outcome. =/

#!/bin/bash

WIFI_PROFILES=$(sudo /usr/bin/profiles -P | grep -c 'WiFiv4')
GMID=$(sudo /usr/bin/profiles -Lv | awk '/attribute: name: / && /WiFiv4/,/attribute: profileIdentifier:/' | awk '/attribute: profileIdentifier:/ {print $4}')

if [[ $WIFI_PROFILES == "1" ]]; then
sudo profiles -R -p $GMID
sudo profiles -I -F /Library/Security/configuration_profiles/WiFiv4.mobileconfig
fi
0 Kudos
6 REPLIES 6

alexjdale
Valued Contributor III

Posted on ‎03-24-2017 09:53 AM

Does the profile have a null password entry? Is " PayloadRemovalDisallowed" set to true? I can't think of any reason why it would need a password. You could try passing it "" as a password with the -z option.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎03-24-2017 09:57 AM

Yeah, like @alexjdale mentioned, unless there is a password for removal set or some other key in the config, it really shouldn't prompt for a password. I assume the script is being run as root or with sudo privs, right?
How was the profile installed by the way? From a script using a local .mobileconfig file, or was it pushed over MDM?

0 Kudos

yurypanasyuk
New Contributor III

Posted on ‎03-24-2017 01:34 PM

Im not an admin for JSS but im pretty sure the profiles are installed during our provisioning process. Installed from a folder not pushed over MDM. And yes running with sudo.

Still getting an error.

"profiles uninstall for identifier:'-z' and user:'root' returned -205 (Unable to locate configuration profile.)"

Command i changed: sudo /usr/bin/profiles -R -p -z "" $GMID

If i remove the -z flag then it prompts me for the password. Strange. =/

0 Kudos

alexjdale
Valued Contributor III

Posted on ‎03-24-2017 01:51 PM

You would need to put the -p right before the $GMID, you put the -z flag and password entries between them.

0 Kudos

yurypanasyuk
New Contributor III

Posted on ‎03-24-2017 02:16 PM

Still asks for removal password.

0 Kudos

yurypanasyuk
New Contributor III

Posted on ‎03-24-2017 02:22 PM

Figured it out! Instead of just doing double quotes for a blank password i put in random text and it just works! lol Not sure whats up but that does it.

0 Kudos