SOTI Pulse Logo

Updating WiFi Password on Enterprise Enrolled Android Devices

Solved
CS
Cameron Schroder

Hello SOTI and Friends,

   My question is in regard to updating the WiFi password.

Our devices are enrolled into MobiControl using a QR code generated from our Enrollment Policy. The QR code sets up the device's network connection and other MobiControl configurations.

To change the Wi-Fi password, do I need to create a new Work Managed Profile with the new SSID and password? If I apply this profile to all devices, will it permanently override the existing Wi-Fi settings, even after a device restart?

a year ago
Android
ANSWERS
RS
Rafael Schäfer
a year ago

First of all, yes even after a restart those settings will stay unless they are not changed from the user afterwards.

You can update the Wifi password using the Wifi profile which you mentioned already or using a javascript.

If you use the profile, be aware that if you revoke this profile, the Wifi provided by this profile will be forgotten by the devices (you can see this as a benefit or problem depending on your perspective on it).

If you want to update it via JS, you can do it this way:

//var SSID = mobicontrol.agent.getCustomAttribute("CASSIDName"); //grab values from custom attribute
//var Pass = mobicontrol.agent.getCustomAttribute("CAPasswordName"); //grab values from custom attribute
var SSID = 'your_SSID'; //enter values directly
var Pass = 'your_password'; //enter values directly
var wifiConfig = mobicontrol.wifi.createWifiConfiguration(SSID).withWpaSecurity(Pass);
 
mobicontrol.wifi.install(wifiConfig);
mobicontrol.agent.checkIn();
Solution
CS
Cameron Schroder
a year ago

Rafael,

Thank you very much for confirming that:


Profile can be applied to update Wi-Fi credentials.
Changes will persist after restart unless manually changed.
Profile can be removed to return to previous state.

Very helpful for me to know!

All the best,
Cameron

MD
Matt Dermody Diamond Contributor
a year ago

One clarification on the last point. Removal of the Profile containing WiFi settings will not remove the configuration to the previously used password applied during initial staging and enrollment. This process will remove the WiFi configuration for that SSID entirely and not revert it back to an old password. 

CS
Cameron Schroder
a year ago

Thank you, Matt, for catching that.

One quick follow-up:

If we remove an updated Wi-Fi profile and it does not revert back to the password used during staging. What does happen? If the device is not on-site and managed remotely, does the device need to be factory reset and re-enrolled at that point? 

I have bricked devices in the past. They were somehow set to only wake up on Wi-Fi and if fed the wrong Wi-Fi credentials as well as have hard reset disabled inside Samsung Knox/ bootloader. Required Samsung to perform a factory reset.

Would I at the very least, with device in my hands, be able to enter admin mode and manually update the Wi-Fi should the profile be removed?

Any settings I should be aware about inside Mobi (besides all of them ;) to avoid issues with Wi-Fi bricking / losing contact to agent?

Also, we don't allow users to configure Wi-Fi settings themselves.

  

Thank you for your time & attention!

Cameron

RS
Rafael Schäfer
a year ago

If we remove an updated Wi-Fi profile and it does not revert back to the password used during staging. What does happen?

The device forgets the entire wifi config for this SSID as i have written in my post as well. But if you use the script instead you can just reuse the script to change it back but i would recommend to use different SSID's so you have always a fallback.

If the device is not on-site and managed remotely, does the device need to be factory reset and re-enrolled at that point?

You need to provide any other data connection and then you can (still) remote control/manage it. This can be a different (fallback) Wifi or SIM card (mobile data).
Never used/tested on our end is usage of an ethernet adapter connected to the device and a local switch with access to mobicontrol server but could work as well depending on your device configuration.

And just from my own experiences, i prefer to not use the FRP but just because all our devices are using zero-touch so they will always end up in our environment.

Similar Discussions