Configuring Wi-Fi for Mobile Devices

Jamf Pro Documentation 11.16.0
Solution
Application
Content Type
Technical Documentation
Utilities & Services
version
11.16.0
ft:locale
en-US
vrm_version
11.16.0

You can create a configuration profile to deploy Wi-Fi settings to iOS, iPadOS, tvOS, and visionOS devices.

Note:

These instructions are for environments that use a network with a personal security type encryption, such as WPA2 Personal. If your environment requires an enterprise security type with an 802.1x RADIUS server, see the Implementing 802.1X Authentication Using Jamf Pro technical paper for instructions instead.

  1. In Jamf Pro, click Devices in the sidebar.
  2. Click Configuration Profiles in the sidebar.
  3. Click New .
  4. In the General payload, enter a name for the profile and configure other settings on the pane as needed.
  5. Click the Wi-Fi payload.
  6. Click Configure.
  7. In the Service Set Identifier (SSID) field, enter your SSID.
  8. Select the Auto Join checkbox.
  9. In the Security Type menu, select the wireless network encryption to use when connecting.
  10. Click the Scope tab, and then configure the target devices or device groups.
  11. Click Save .
The profile is distributed to the devices in the scope.
Best Practice:

Updating a Wi-Fi network password

To avoid disrupting device connectivity when updating the password on an existing Wi-Fi network, Jamf recommends creating and deploying a secondary Wi-Fi configuration profile that devices can connect to during the transition to the new password. After you perform the following steps, devices will transition to the new Wi-Fi network password without losing connectivity.
Note:

Perform these steps before changing the Wi-Fi password.

  1. Create a secondary Wi-Fi network that devices can temporarily connect to while the primary network's password is updated. You can also use an existing, available secondary network, such as a guest network.

  2. Create a secondary configuration profile for the secondary Wi-Fi network, and deploy it to all devices.

  3. Create smart groups to identify devices that do not yet have the secondary Wi-Fi configuration profile installed.

  4. Change the scope of the original Wi-Fi configuration profile to include only the smart groups you created for the secondary Wi-Fi configuration profile.

    This ensures that devices will keep the original Wi-Fi configuration profile only if they do not yet have the secondary Wi-Fi configuration profile installed.

    Note:

    Devices that have the secondary Wi-Fi configuration profile will be automatically removed from the scope of the original Wi-Fi profile.

  5. After all devices have connected to the secondary Wi-Fi configuration profile and no longer have the original profile, update the Wi-Fi password in the original Wi-Fi configuration profile.

  6. Revert the scope of the original Wi-Fi configuration profile to include its initial smart group (e.g., "All Devices" or the specific smart group used previously).

    This will redeploy the original Wi-Fi configuration profile that now has the new Wi-Fi network password.

  7. Create smart groups that target the devices that still require the updated original Wi-Fi configuration profile.

  8. Change the scope of the secondary Wi-Fi configuration profile to the smart groups you created in the previous step.

    This configuration ensures that devices retain the secondary Wi-Fi network until they receive the updated original Wi-Fi configuration profile that has the new Wi-Fi network password.