I'm looking for the best way to prevent all Mac users with local admin privileges from removing a wireless/wired profile and SSID configuration for a specific wireless/wired network.
The goal is to ensure that the wireless network settings are enforced and cannot be modified or removed by the end-users, even if they have admin access on their Macs.
Is this possible?
Best answer by mm2270
I don't think there's a way to do that. Even using the
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport prefs commands I don't think that button can be locked down. And even if you could, those prefs are only to prevent non-admins from adjusting any of the settings in Wi-Fi, and since you mentioned these are admin level users... honestly you're really looking at removing admin rights from users to prevent this. I know that's much easier said than done, but I suspect there won't be any other way.
+16Deploy a computer-level configuration profile with a Wi-Fi payload. Test first and don’t delete the payload without adjusting scope to None first, as always.
Tried this, pushed a computer level configuration profile with a Wi-Fi payload. Removing it is prevented UNLESS the user is connected to it, then they can click "Forget this Network" and have it removed.
+24I don't think there's a way to do that. Even using the
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport prefs commands I don't think that button can be locked down. And even if you could, those prefs are only to prevent non-admins from adjusting any of the settings in Wi-Fi, and since you mentioned these are admin level users... honestly you're really looking at removing admin rights from users to prevent this. I know that's much easier said than done, but I suspect there won't be any other way.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
