Script “Restrict changing networks to administrators only” on macOS

There is an option to prevent non-admin users from switching wireless networks if you go to System Preferences > Wi-Fi > Advanced > Wi-Fi > Require administrator authorization to: > Change networks.

If you want to script that for multiple machines (instead of having to click through the GUI on each one), run this command:

sudo /usr/libexec/airportd prefs RequireAdminNetworkChange=YES


Posted

in

by

Tags:

Comments

One response to “Script “Restrict changing networks to administrators only” on macOS”

  1. Larry S Avatar
    Larry S

    Hey Alan,
    Timely as alsways
    In our Labs we also add the following in a first boot script to prevent non-admin users changing the wireless settings
    To keep non-admin users from turning off wireless:
    sudo /usr/libexec/airportd (en#) prefs RequireAdminPowerToggle=Yes

    To stop non-admin users from creating adhoc networks:
    sudo /usr/libexec/airportd (en#) prefs RequireAdminIBSS=YES

    So here is an example with logic:
    # Enable/Disable Wifi Based on Model Type
    MODEL=$(sysctl hw.model | cut -c11-20)
    if [ “$MODEL” == “MacBook7,1” ]; then
    networksetup -setairportpower en1 on;sleep 2;networksetup -setairportnetwork en1 somenetwork
    sudo /usr/libexec/airportd en1 prefs RequireAdminIBSS=YES
    sudo /usr/libexec/airportd en1 prefs RequireAdminNetworkChange=Yes
    sudo /usr/libexec/airportd en1 prefs RequireAdminPowerToggle=Yes

Leave a Reply

Your email address will not be published. Required fields are marked *