setting login keychain for users

tlarkin
Honored Contributor

What methods are you guys using for this? I am looking at a login hook maybe that uses the security command to add in our wifi passkey to that user's login keychain.

Thanks, Tom


tlarkin
Honored Contributor

So, looking at the security command line binary, you can pair keychains...

What if I had a login hook that maybe paired the WiFi passkey in the system keychain to the user's login keychain? Anyone try this?

Thanks,

Tom

nessts
Valued Contributor II

Every user has access to the system keychain by default, don’t they? It’s in my keychain and I have never specifically added it.
So putting wifi keys in the system keychain seems like the thing to do.
We put the VPN secret passphrases in the system keychain on 10.6 and the users had access to them when they logged in. Doesn’t seem to work the same on 10.7 though.
--
Todd Ness
Technology Consultant/Non-Windows Services
Americas Regional Delivery Engineering
HP Enterprise Services

tlarkin
Honored Contributor

According to Apple Enterprise Support, once a user logs in, their ~/Library/Keychains/login.keychain takes over, and if they manually disconnect from a wifi network or try to connect to another they cannot connect back. I have a plethora of logs proving that when this happens the keychain magically loses the wifi passkey.

This is what I am trying to do according to their support and man this is what drives me crazy about Apple is that the documentation sucks. First off their enterprise support tech sent me a command that had a syntax error in it, so I had to fix it, and it isn't really documented, though this seems to work

sudo security add-generic-password -a usd500_wpa -s Airport -D "AirPort Network Password" -l usd500_wpa -w my_wifi_passkey -A ~/Library/Keychains/login.keychain

Though the -A switch allows all applications access to this keychain...I think I may want to restrict it to the service that needs it. Though I don't get how a login.keychain in a user's folder can mess with a system keychain....

-Tom
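
The restriction raised at the end of the last post, as an added example that is not part of the original thread: the same `add-generic-password` call built with one `-T appPath` entry per trusted application instead of `-A`. The function name, the `DRY_RUN` variable and the trusted path `/usr/libexec/airportd` are assumptions; confirm which process actually reads the item before relying on that path.

```shell
#!/bin/sh
# Added example: store the Wi-Fi passkey with a per-application ACL (-T)
# instead of the allow-all -A flag used in the thread.
# Assumptions (not from the thread): the function name, the DRY_RUN
# variable and the trusted binary path are illustrative.

# add_wifi_item KEYCHAIN SSID PASSKEY TRUSTED_APP...
add_wifi_item() {
    [ "$#" -ge 4 ] || { echo "usage: add_wifi_item keychain ssid passkey app..." >&2; return 2; }
    keychain=$1 ssid=$2 passkey=$3
    shift 3

    # Append one "-T app" pair per trusted application. Without -A, only
    # the applications named by -T get access without a prompt.
    acl_count=$#
    for app in "$@"; do
        case $app in
            /*) ;;   # absolute paths only
            *)  echo "trusted app must be an absolute path: $app" >&2; return 2 ;;
        esac
        set -- "$@" -T "$app"
    done
    shift "$acl_count"   # drop the raw paths, keep the -T pairs

    # Note: a passkey passed with -w is visible in the process list while it runs.
    set -- add-generic-password \
        -a "$ssid" -s Airport -D "AirPort Network Password" -l "$ssid" \
        -w "$passkey" "$@" "$keychain"

    if [ "${DRY_RUN:-0}" = 1 ]; then
        # Print the command with the passkey masked, for review or logging.
        out="security"
        for arg in "$@"; do
            [ "$arg" = "$passkey" ] && arg='********'
            out="$out '$arg'"
        done
        printf '%s\n' "$out"
        return 0
    fi
    security "$@"
}

# Constructed values: dry run only, nothing is written to a keychain.
DRY_RUN=1 add_wifi_item /Users/example/Library/Keychains/login.keychain \
    usd500_wpa my_wifi_passkey /usr/libexec/airportd
```

Running the function without `DRY_RUN=1` calls `security` for real, so it only works on a Mac with the target keychain unlocked.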