With this policy, you can remotely deploy WiFi settings to enrolled Windows devices, pushing network names (SSIDs), security types (such as WPA2-Personal or Enterprise), passwords, and auto-connect settings without user interaction.
Prerequisites:
- Devices must be enrolled in Windows MDM (Mobile Device Management).
- For WiFi networks configured with WPA2 Enterprise (for use with JumpCloud RADIUS, for example), see Configure your WiFi Clients to use RADIUS and Configure EAP-TTLS/PAP on Windows for RADIUS.
- Target devices must be running Windows 10 version 1511 (10.0.10586) or later. This policy is supported on the following Windows editions:
  - Windows Pro
  - Windows Enterprise
  - Windows Education
  - Windows SE
  - IoT Enterprise
  - IoT Enterprise LTSC
- For more information on device compatibility, see Agent Compatibility, System Requirements, and Impacts.
Considerations:
- No additional action is needed to activate the policy once it is applied to target devices.
To create a Windows WiFi Configuration policy:
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > Policy Management.
- In the All tab, click (+).
- On the New Policy panel, select the Windows tab.
- Select WiFi Configuration policy from the list, then click configure.
- In the Settings section, configure the following policy options:
  - SSID: Name of the wireless network.
    An SSID can be at most 32 characters long. Spaces within the SSID are counted as three characters each. For example, an SSID like "My Network" would use 11 characters (8 for "MyNetwork" and 3 for the space, which is counted as %20).
  - Auto-Join: This option enables the device to automatically connect to the Wi-Fi network when in range.
  - Hidden Network: Enable this option to connect to a WiFi network with a hidden SSID.
  - Security Type: Select the appropriate security protocol that matches your WiFi network's configuration. Additional options appear depending on your selection:
    - Open: Selecting this option enables any device to join the WiFi network.
    - WPA2-Personal AES: Selecting this option displays the Password field where you can enter the password (PSK) for the WiFi network.
    - WPA2-Enterprise / WPA3-Enterprise / WPA3-Personal AES: Selecting any of these options enables the following additional security options:
      - Authentication Mode: Specifies the type of credentials used for authentication:
        - Machine: The device authenticates to the network.
        - User: The user authenticates to the network.
        - Machine or User: Use machine or user credentials. When a user is logged on, the user's credentials are used for authentication. When no user is logged on, machine credentials are used.
      - CA Thumbprints: The root certificate thumbprint, a 20-byte SHA1 certificate hash in hexadecimal.
      - Trusted Servers: List of client trusted servers separated by semicolons.
      - Certificate Issuer: Enable this option to enter the root CA thumbprints for the certificates you want to allow on a client for authentication. When this option is selected, the following fields are displayed:
        - Certificate Issuer CA Thumbprints: Provide the Issuer CA Thumbprint, which is the root certification authority that allows client authentication.
      - Disable User Prompt for Server Validation: Enable this option to automatically trust the server certificate, which will prevent a security prompt.
      - PMK Caching: Enable this option to have the client cache the Pairwise Master Key (PMK) for the network. Caching the PMK allows for faster reconnection to the same network. When this option is selected, the following fields are displayed:
        - PMK Cache Time to Live: The lifetime of the PMK cache in minutes. The minimum is 5 minutes and the maximum is 1440 minutes.
        - PMK Cache Size: The number of entries in the PMK cache. A maximum of 255 entries is allowed.
- Click Save. If prompted, click Save again. No further action is needed for this policy to take effect.
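
A pre-flight check for the values you plan to enter, covering the SSID counting rule, the thumbprint format, the Trusted Servers list and the PMK cache limits described above. This is an added example, not JumpCloud code: the function names and dictionary keys are hypothetical, and the lower bound of 1 for PMK Cache Size is an assumption.

```python
import re

# Limits as stated in the field descriptions above.
SSID_MAX, PMK_CACHE_MAX = 32, 255        # counted characters, cache entries
PMK_TTL_MIN, PMK_TTL_MAX = 5, 1440       # minutes

def ssid_length(ssid):
    """Counted length: each space costs three characters (treated as %20)."""
    return len(ssid) + 2 * ssid.count(" ")

def normalize_thumbprint(value):
    """Drop spaces, colons and a copied-along invisible U+200E; return upper hex."""
    cleaned = re.sub(r"[\s:\u200e]", "", value).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):  # 20-byte SHA-1 = 40 hex digits
        raise ValueError(f"not a 20-byte SHA-1 thumbprint: {value!r}")
    return cleaned

def check_policy(settings):
    """Return a list of problems in a dict of planned values (hypothetical keys)."""
    problems = []
    counted = ssid_length(settings.get("ssid", ""))
    if not 1 <= counted <= SSID_MAX:
        problems.append(f"SSID counts as {counted} characters, limit is {SSID_MAX}")
    for tp in settings.get("ca_thumbprints", []):
        try:
            normalize_thumbprint(tp)
        except ValueError as exc:
            problems.append(str(exc))
    servers = settings.get("trusted_servers", "")
    if servers and not all(s.strip() for s in servers.split(";")):
        problems.append("Trusted Servers contains an empty entry")
    if settings.get("pmk_caching"):
        if not PMK_TTL_MIN <= settings.get("pmk_ttl", 0) <= PMK_TTL_MAX:
            problems.append("PMK Cache Time to Live must be 5 to 1440 minutes")
        # Lower bound of 1 is an assumption; the page states only the maximum.
        if not 1 <= settings.get("pmk_cache_size", 0) <= PMK_CACHE_MAX:
            problems.append("PMK Cache Size must be at most 255 entries")
    return problems

# Constructed sample values, not taken from any real network or certificate.
SAMPLE = {
    "ssid": "Headquarters Floor 3 Guest 5G",   # 29 typed characters, 37 counted
    "ca_thumbprints": ["\u200ea1 b2 c3 d4 e5 f6 07 18 29 3a 4b 5c 6d 7e 8f 90 01 12 23 34"],
    "trusted_servers": "radius1.example.com;radius2.example.com",
    "pmk_caching": True, "pmk_ttl": 2000, "pmk_cache_size": 128,
}

if __name__ == "__main__":
    print("\n".join(check_policy(SAMPLE)) or "no problems found")
```

The sample SSID fits in 32 typed characters but exceeds the limit once its four spaces are counted at three characters each, which is the case a plain length check misses.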