Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Enterprise Service 10

Reply
Contributor
morser
Posts: 23
Registered: ‎12-14-2008
My Device: Z10, 9900 & Playbook 64GB
My Carrier: Bell Mobility
Accepted Solution

WiFi Profile using AD Authentication. Cannot populate Username and password fields beforehand. Want user to be prompted.

Hello. I am trying to deploy a WiFi Profile to our bb10 devices.   Our company Wifi uses the User's Active Directory Credentials to log them into the WiFi.  The settings that I need to configure do show up when managing / editing the WiFi profile.  For example, i have set the following.
SSID: 1.618
LINK SECURITY: WPA2-EAP
EAP SECURITY: PEAP
Regarding the Username and Password fields,  I need to leave these blank and have it prompt the user for the credentials.   The user is not being prompted for the credentials.  Thus, the WiFi is not authenticated.  Also when I do leave the fields blank and try to edit the profile in the Saved Wifi Profile section of the device, the username and password fields are greyed out.  I notice when assigning this WiFi profile to a user that there are some WiFi User Specific Settings.   I can populate the User Name field, but obviously I cannot populate the Password field because it is only known by the User.  

Compare this behaviour with the VPN Profile.  We use Cisco ASA and require a username and Password.  When create a VPN profile and I leave the Username and Password fields blank and a user connects using the VPN profile, they are prompted for username and password on the BB10 device.   

Thanks in advance for help with the above.   I also wanted to ask if variables are allowed when configuring profiles.  For example if you look in the Devices>Wireless Activations section and review the activation emails, you can see that variables are used in the default text.  Are there variables allowed when configuring profiles?  If so, what variables are allowed and are they tied to what Active Directory Object Mappings one has additionally created in the AD Integration section?    Variable support when configuring profiles would go a long way to help populate some fields, such as username etc. 

Please use plain text.
Forums Advisor I
freakinvibe
Posts: 607
Registered: ‎08-29-2008
My Device: Q10
My Carrier: Swisscom

Re: WiFi Profile using AD Authentication. Cannot populate Username and password fields beforehand. Want user to be prompted.

There is a policy which allows users to modify certain parts of a pushed out Wifi profile. What have you set that to?
Please use plain text.
Contributor
morser
Posts: 23
Registered: ‎12-14-2008
My Device: Z10, 9900 & Playbook 64GB
My Carrier: Bell Mobility

Re: WiFi Profile using AD Authentication. Cannot populate Username and password fields beforehand. Want user to be prompted.

Thanks for the response.

After reading your response i scoured my IT Policy for the setting, but you meant it was in the actual Wi-Fi Profile. 

I have set that to Credentials only. 

 

Thanks much.    I was hoping my users would be prompted for credentials instead of going into the wifi saved profile area but this will do for now.

 

 

 

Please use plain text.
Contributor
morser
Posts: 23
Registered: ‎12-14-2008
My Device: Z10, 9900 & Playbook 64GB
My Carrier: Bell Mobility

Re: WiFi Profile using AD Authentication. Cannot populate Username and password fields beforehand. Want user to be prompted.

Actually it turns out that it is easier for me to no push out the WiFi Profile to my users. 

Since the SSID is not hidden, users can see it when looking for WiFi networks to connect to.  When they tap on our WiFi network, they get prompted.

 

When i Push out the WiFi profile with the setting to allow changes to the credentials, users need to navigate into the Saved WiFi networks to populate the fields. 

 

Variables should be allowed in many areas of BDS and BES10, to allow greater flexibility.  Also, an option to prompt the user for credentials would resolve this.

 

Please use plain text.