Posted on 09-28-2022 10:00 AM
Hi all,
I'm having two challenges and I need to find a solution. I would like this solution to be native. That is, I know there is a solution that uses the macadmin-python. I'd like to avoid that if possible and find a solution within Jamf Pro or the scripting framework built into macOS 12.3. Here's my challenges:
1. when I add an 802.1x network profile using the Configuration profiles in Jamf Pro, it places the network at the BOTTOM of the list of preferred networks.
2. I have not been able to find a scripting solution other than the macadmin-python script in many other Jamf nation posts about this topic.
Does anyone have any other solutions? This really is challenging because our users are not connecting to the proper Wi-Fi network (Employee 802.1x) and employees are so insistent on adding the Guest and BYOD to their school laptop.
Posted on 09-28-2022 10:24 AM
@ralvarezOES I don't know of any mechanism that allows calling Objective-C code from a sh/bash/zsh script as can be done via Python. If you need to re-order Wi-Fi configurations and preserve any existing 802.1x configurations then the Python based scripts are the only ones that currently exist.
Posted on 09-28-2022 10:48 AM
Thanks for the quick reply. Ok, that's fine. This is pretty important unless I want to redesign our Wi-Fi to only have one SSID (Which I would love to, lol.)
So if I install macadmin-python on the employee MacBooks, do you have any pointers? Should I plan on an update schedule? Any options in the installer that are helpful?
09-28-2022 11:22 AM - edited 09-28-2022 11:22 AM
You actually ought to keep a second SSID or BSSID available, it's a great fallback if your authentication on your preferred wireless ever fails (certificate errors, etc).
Get your Wi-Fi interface:
wifi=$(networksetup -listallhardwareports | awk '/Wi-Fi/{getline; print $2 }')
Forget the network:
networksetup -removepreferredwirelessnetwork $wifi "$SSID"
Then re-add it at index 0:
networksetup -addpreferredwirelessnetworkatindex $wifi "$SSID" 0 $Security_Type [password]
Iterate for multiple SSIDs, etc.
Based on usage and OS versions, you might consider also toggling Wi-Fi to force the changes.
Posted on 09-28-2022 11:42 AM
@pete_c Your method will break any 802.1x configuration associated with a SSID that's "moved"