802.1x loginwindow profiles and moving between SSIDs on macOS 10.12
| Originator: | jandrewartha | ||
| Number: | rdar://28403128 | Date Originated: | September 21 2016 |
| Status: | Closed | Resolved: | May 26 2017 |
| Product: | macOS + SDK | Product Version: | Sierra |
| Classification: | Reproducible: | Yes |
Summary: On a laptop with a Configuration Profile installed with a Network (wifi) payload configured with 'Use as a login window configuration' ticked and a fixed Username and Password entered. Moving between two locations that have different wireless SSIDs visible causes the laptop to not auto connect to the wifi. Steps to Reproduce: 1. Setup two different wireless networks in different physical locations with different SSIDs, one with 802.1x authentication (work), one without (home), they should not be visible to each other 2. Create a Configuration Profile with a Network (wifi) payload setup for one of the SSIDs 'Use as a login window configuration' ticked and a fixed Username and Password entered 3. Install the Configuration Profile onto a laptop. Login to the laptop with a mobile account 4. Connect the laptop to the Home SSID and save it as a preferred network 5. Connect the laptop to the Work SSID and save it as a preferred network 6. Connect the laptop to the Home SSID and close the lid to put it to sleep 7. Move the laptop to the Work SSID location, make sure it cannot see the Home SSID 8. Open the laptop lid Expected Results: The wifi should automatically reconnect to any known wifi network Actual Results: When moving between the different SSIDs, the laptop does not auto connect to the wifi network. Version: macOS Sierra 10.12 (16A323) Notes: It appears as though something is causing the eapolclient to crash when the laptop sleeps or roams between SSIDs Apple Response: May 26 2017, 10:53 PM This issue behaves as intended based on the following: When we are logged in via LoginWindow mode 802.1X we currently only ever auto-join the current LoginWindow profile network. Also, we never start EAPOL for LoginWindow 802.1X, that is handled at the login window, we simply restore the 802.11 association, relying on LW mode 802.1X to already be running. In general changing networks while in LW mode, is not supported, and never has been. This is behaving correctly based on the current design. We are now closing this bug report. If you have questions about the resolution, or if this is still a critical issue for you, then please update your bug report with that information. Please be sure to regularly check new Apple releases for any updates that might affect this issue.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!