Geek Answers Handbook

EAP-TLS os x terminal Wi-Fi network connection

I am currently working as a school specialist, and I am writing a shell script that automatically configures the school wireless network on a Mac to automate this process for several BYOD and Mac personal computers that I will configure. This includes

  • Import security certificates into a keychain

  • Paste the following settings into this dialog box here to connect to the network

  • Create a new network location called "school"

  • Configure the proxy server through the wpad file in the "Automatically configure the proxy server" section

  • If this is the teacher’s laptop and they request it, create a new place called "YouTube" and set the proxy settings that allow access to YouTube in the "Web proxy" section

The first approach I took was to import the security certificates (root certification authority and intermediate certification authority) using the security command. However, I realized that it would not be possible to configure a pop-up window that allows you to configure WiFi settings the first time you connect to it (choosing EAP-TLS as the connection mode, certificate and username insertion), And using

networksetup -setairportnetwork en1 eduSTAR

to try to open the dialog box failed. I know hidden well

 airport

but there is no visible ability to connect to a Wi-Fi network through this command. The only other way I can think of is to use a graphical interface using AppleScript, and I'm trying to avoid this method, as changing the user interface between OS versions would make the script unusable.

Today I found that I can import the .mobileconfig file into Network Settings via the network settings graphical interface, and this will take care of everything (including the wdap proxy configuration), and I also found that before that the networksetup command was able to import the 802.1x profile.

 networksetup -import8021xProfiles [service path]

The import option in the network settings did not allow me to import the .mobileconfig file directly, but I could import the settings by double-clicking the file. It turns out that the file itself is a .networkconnect file, but the dot is not controversial, since, apparently, starting from 10.7, the command is no longer supported

 Use a configuration profile to install 802.1X profiles on the system. ** Error: This command is no longer supported.

So now my questions are as follows:

  • How to import a .networkconnect / .mobileconfig file into network settings through an OS X terminal 10.7 or higher without using a graphical interface?

  • How to connect to the network after import through the terminal?

+4
source share
1 answer

To import the .mobileconfig command, use the / usr / bin / profiles command. networksetup is only used to import system profiles for 10.6 and earlier.

-I -F filename.mobileconfig

When a mobileconfig is imported, it automatically tries to connect, but AFAIK profiles (unlike the networksetup) cannot change the order of priority of the SSID.

This is not what you are here, but if you have Macs that are members of your AD domain and you have an integrated CA with AD, you can use the mactls script shell to automate the issuance of certificates as well as connection profiles. It can also be a useful comparison of how different approaches to the system profile are between 10.6 and 10.7.

http://sourceforge.net/p/mactls/

+2
source

More articles:


All Articles