Self Service Mavericks upgrade forgets WPA2 Password

appleconvert
New Contributor III

We are starting a Self Service based upgrade from OSX 10.8 to 10.9 on our fleet of macs. Using the latest 10.9.4 installer I have created a policy to cache it to the mac then the user can initiate the upgrade to Mavericks from the cached package.
The upgrade works well except the macs are no longer connected to our WPA2 Wi-Fi network.
If they select the company network the mac will prompt for the Wi-Fi password that the mac remembered pre-upgrade. This seems to be an issue with the Wi-Fi details not being moved correctly to the new Local Items Keychain. Does anyone have a work around to this issue?
Thanks in advance!

1 ACCEPTED SOLUTION

dmohs
Contributor

I encountered something similar when upgrading from 10.8.5 to 10.9.3. The attributes of WiFi passwords in the Keychain seems to have changed.

If you manually connect one of your 10.9.4 computers to WiFi, look in the Keychain Utility. I suspect you'll find two Keychain entries for the WiFi network. One is the old, the other new.

Here is how I solved it: Prior to upgrading to 10.9 (Mavericks), I used the following command in a policy for all 10.8 clients. This created the new Keychain item that is Mavericks compatible.

sudo security add-generic-password -a "MySchoolNetworkName" -D "AirPort network password" -G "Generic" -l "MySchoolNetworkName" -s "AirPort" -w "MySchoolNetworkPassword" -T "/usr/libexec/airportd" /Library/Keychains/System.keychain

After upgrading to 10.9 (Mavericks), I also implemented this command in a policy to delete the unnecessary old Keychain item.

sudo security delete-generic-password -l "MySchoolNetworkName" -a "AirPort" /Library/Keychains/System.keychain

This only solves the situation if your school has a generic password for the WiFi network. It only solves it for that one network. End users still need to re-enter passwords for all other networks.

View solution in original post

2 REPLIES 2

dmohs
Contributor

I encountered something similar when upgrading from 10.8.5 to 10.9.3. The attributes of WiFi passwords in the Keychain seems to have changed.

If you manually connect one of your 10.9.4 computers to WiFi, look in the Keychain Utility. I suspect you'll find two Keychain entries for the WiFi network. One is the old, the other new.

Here is how I solved it: Prior to upgrading to 10.9 (Mavericks), I used the following command in a policy for all 10.8 clients. This created the new Keychain item that is Mavericks compatible.

sudo security add-generic-password -a "MySchoolNetworkName" -D "AirPort network password" -G "Generic" -l "MySchoolNetworkName" -s "AirPort" -w "MySchoolNetworkPassword" -T "/usr/libexec/airportd" /Library/Keychains/System.keychain

After upgrading to 10.9 (Mavericks), I also implemented this command in a policy to delete the unnecessary old Keychain item.

sudo security delete-generic-password -l "MySchoolNetworkName" -a "AirPort" /Library/Keychains/System.keychain

This only solves the situation if your school has a generic password for the WiFi network. It only solves it for that one network. End users still need to re-enter passwords for all other networks.

appleconvert
New Contributor III

David you are a legend. That is exactly what was required! Thanks