Prevent students from changing existing Wi-Fi network

expand collapsive

Hey guys, our institution has purchased around 130 MacBook Air laptops and plan to make it available for student usage while they are inside the institution.

There is a chance that the students may try to change the network from the institution’s Wi-Fi and connect to their personal ones or sometimes even turn it off.

So, we want to ensure that the devices will connect only to the Wi-Fi that we approve and have set up. Can you provide any suggestions on this?

All Replies

  • Participant

    Erin Scott

    Participant

    Yeah, tried the Wi-Fi policy, though it gets automatically connected to the configured network, we are able to change the network…

    Saw an option called “permit Wi-Fi connections to MDM connected wi-fi network only” but that was for iOS. Didn’t see anything similar for Mac.

  • Hexnode

    Archer Woods

    Moderator

    Hey @erin-scott,
    Thanks for reaching out.

    Please follow the instructions to fulfill your requirement:

    First, create a macOS Wi-Fi configuration policy so that your macOS devices will get connected to the institution’s Wi-Fi network automatically.

    To ensure that the users do not change the Wi-Fi network or turn it OFF, you must get some additional settings configured.

    You can get it done with the help of the Execute Custom Script action, where you embed the necessary settings as Terminal commands on a script and then execute it from the UEM console.

    Here, the values of RequireAdminNetworkChanges and RequireAdminPowerToggle are set to YES. This implies that whenever a non-admin user tries to change the Wi-Fi network or turn Wi-Fi ON or OFF, the system prompts for authentication with the Admin credentials. Unless the user is an Admin, you can rest assured that they do not connect to a different network or turn Wi-Fi off.

    If you wish to add more parameters to the existing script, you are free to do it as well.
    It is always recommended that you verify how these commands work on a single device before executing them in bulk. Also, the device model and the OS version solely determine how these commands are executed. Therefore, we cannot be responsible if the device behaves indifferently after executing the scripts.

    Please feel to reach out for further queries.

    Cheers!
    Archer Woods
    Hexnode UEM