Deploying WPA-2 personal WIFI profiles using ConfigMgr & Intune

For hybrid environments (that being ConfigMgr integrated with Microsoft Intune), it’s not possible to deploy a WIFI profile using a pre-shared secret in the UI. This will however not prevent you from creating and deploying WPA-2 Personal security WIFI profiles in the console. You will just be deploying the WIFI profile without the WIFI password. 

image

Windows Phone 8.1 will re-apply the same profile over and over again

When users receive the WIFI profile all they have to do is add the password and they will have WIFI connection. This works great for Android and iOS, but not for Windows Phone 8.1. For Windows Phone 8.1, the password will be wiped every time the device is synchronizing with Windows Intune (due to the fact that the Windows Phone is non-compliant with the new password).

To fix the Windows Phone 8.1 issue, you need to create an XML file with the settings (can be exported from an existing Windows 8.1 machine). In this example, I will create a new WIFI profile named WIFI corp and import all the settings including the pre-shared secret from a XML file.

  1. From Assets and Compliance, Compliance Settings, Company Resource Access, select WI-FI Profiles and create a new profile. Name the profile, enable Import an existing WI-FI profile item from a file and click Next.

    image
  2. Import your XML file from a network share location.

    image

  3. This is the XML file that I imported. A few things to notice is the password, SSID and connectionMode. In this example connectionMode is manual, most admins might want to chance that to auto if you want the device to automatically reconnect to the WIFI after a restart.

    image

  4. All left to do, is deploy the profile to all Users and select Windows Phone 8.1 as a requirement.

One thing to keep in mind is that Windows Phones do not support all WIFI XML formats that Windows PCs do.

By | 2015-01-28T14:28:20+00:00 January 28th, 2015|Configuration Manager (SCCM)|4 Comments

About the Author:

Kent Agerlund

Microsoft Regional Director, Enterprise Mobility MVP. Microsoft Certified Trainer and Principal consultant. I have been working with Enterprise client management since 1992. Co-founder of System Center User Group Denmark in 2009.

Certified MCITP: Enterprise Administrator, MCSA+Messaing, and much more.

Member of: Microsoft Denmark System Center Partner Expert Team The Danish Technet Influencers program System Center Influencers Program.

4 Comments

  1. Adam January 30, 2015 at 18:12 - Reply

    What command was run on the windows 8.1 system to generate the .xml file?

    • Darek September 2, 2015 at 14:11 - Reply

      use “Netsh wlan export profile %SSIDName% folder=c:temp” to get .xml file

  2. Magnus May 6, 2015 at 10:58 - Reply

    Will this work to push passwords to IOS devices?
    We have a corp “mobile WIFI” that we dont want anyone knowing the password for. And pushing out the profile would be nice since we have offices around europe with the same wifi as the head office.

  3. orange pre paid phone gprs July 21, 2016 at 9:05 - Reply

    This webѕite dеfinitely has all the information and
    fɑcts I needed about this subject and didn’t know who to ask.

Leave A Comment