Jamf Nation Community

mramola · ‎03-19-2024

Our students have discovered the password to our "vendor" network, which is unfiltered, and have been putting both their personal devices and their school devices on this network. We are working on dumping all connections and changing the password, but I am wondering if there is a way for me to block this network from being joined on our student devices? I had thought initially that I could push this network out to all devices with the wrong password associated with it. This does work but it also is interfering with our student network and causing an error with not being able to join that network either. Thoughts? Suggestions? TIA

A_Collins · ‎03-19-2024

Easiest way is to create a launchdaemon to disconnects from the wifi when it connects. I am using this method to block students from hotspotting.

foobarfoo · ‎03-19-2024

If I'm not mistaken there's an option to allow the device to only connect to networks that are provisioned by the MDM. But that would prevent users from connecting to other networks, such as their home network. If that is undesirable, I suggest the password is changed on the "vendor" network instead of attempting hacks on the client devices. If the main challenge is that the network traffic is unfiltered, then I suggest that filtering is done on the client device itself, as devices tend to move between various networks these days. Or that a global proxy is enforced via MDM settings instead to achieve similar results.

mainelysteve · ‎03-20-2024

Your method of creating a config profile with the wrong password should have worked. Same vendor SSID, wrong password and auto join turned off. If your student SSID is being affected then you're toggling a setting on that shouldn't be on or something else is going on.

mramola · ‎03-20-2024

That is what I thought. I'll run some additional tests and see what I can
figure out.

Megan Ramola
Technology Assistant
Becker Public Schools
763-261-4501 ext 3153

Jamf Nation Community

Invalid WiFi password