iPad MDM WiFi profile settings for WPA/WPA2 PSK (Personal)

  • 1
  • Question
  • Updated 2 years ago
I'm looking for a quick solution to connect 30 or so managed iPads to a temporary SSID for a few days. All of the iPads are managed by our MDM solution (Casper Suite). I thought I could just set up the SSID, and deploy a profile with those settings. What's happening is after the profile has been deployed to the iPad, I click on the SSID and I'm asked for the password! FAIL. Can anyone see what I am doing wrong? Thanks

Photo of James Watson

James Watson

  • 70 Posts
  • 8 Reply Likes

Posted 2 years ago

  • 1
Photo of wijnaldumwilliam

wijnaldumwilliam

  • 1 Post
  • 0 Reply Likes
• Launch the Create Wi-Fi Profile Wizard from the Configuration Manager 2012 R2 console.
• On the Wi-Fi Profile screen, enter the Network Name (friendly name) and SSID of the Wi-Fi network. Select the option to connect automatically if desired and choose whether to connect when the network is not broadcasting if required. To ensure compatibility across platforms, the network name and SSID should match and be aware that they are both case-sensitive.
• Select the security type “WPA2-Enterprise” and the appropriate encryption. Some networks provide encryption for the initial authentication process using a trusted server name and a root certificate for server validation. If that is the case, enter those values on the Security Configuration screen. If a trust is not already configured the end user will be prompted to trust connection/server. Select “PEAP” or “Smart Card or other certificate” for EAP Type.
• Next, click “Select” to select a client certificate for client authentication to the network. From the list of configured SCEP profiles, select the appropriate client authentication certificate profile and click “OK”.
• (For PEAP EAP Type Only) PEAP and EAP-TTLS are special in that they allow “inner auth methods”. Click Configure to specify options for the selected authentication type. Uncheck the “Verify the server’s identity by validating the certificate” option.  For password-based authentication, select “Secured password (EAP-MSCHAP v2)”. For certificate-based authentication, select “Smart Card or other certificate”.
• (For Cert-Based PEAP Authentication Method Only) Click “Configure” to specify settings for certificate selection for authentication. Select the option to “Use a certificate on this computer”. Uncheck the “Verify the server’s identity by validating the certificate” option. Click “OK”. Click “OK” to close the Protected EAP Properties screen.
• (For Smart Card or Certificate EAP Type Only) Click “Configure” to specify settings for certificate selection for authentication. Select the option to “Use a certificate on this computer”. Uncheck the “Verify the server’s identity by validating the certificate” option. Click “OK”. Click “OK” to close the Smart Card or other Certificate Properties screen.
• Click “Next”.
• On the Advanced Settings screen, select “User authentication” as the authentication mode. Click “Next”.
• Configure connection-specific proxy settings if desired. Click “Next”.
• Select iPhone and/or iPad on the Supported Platforms screen. Click “Next”.
• Click "Next" on the Summary screen, then "Close" to close the Wi-Fi Profile Wizard.
Photo of Brian Powers

Brian Powers, Champ

  • 396 Posts
  • 92 Reply Likes
I actually spent some time with a customer and Apple yesterday on a similar issue.  What we determined was when the profile was pushed from JAMF (and was seemingly correct), the device would not associate to the SSID.  It only effected iPad Minis oddly enough.  As their MacBook Pros, AppleTVs and iPad Airs worked fine getting the same profile push from JAMF (Casper Suites).

So you may not be doing a thing wrong.  We had to remove the push of the WLAN profile to the iPads via the MDM and sadly connect to the SSID manually.  Once we did that the devices worked as expected with no change being made to the WLAN infrastructure side.