Enterprise Mobility and Security Blog

RSS

Windows Phone 8.1 provides a significant number of features, some of which cannot be configured directly from the Microsoft Intune administration console. To cover these scenarios, we have added a new Intune policy type called Windows Phone OMA-URI Policy which enables you to configure OMA-URI for Windows Phone 8.1. In this blog post, you will learn how to create custom Wi-Fi profiles for Windows Phone 8.1 using OMA-URI and Microsoft Intune.

From the Intune admin console

Let’s say you want to provision a Wi-Fi profile with a Pre-Shared Key (PSK) to all Windows Phone 8.1 users. To do so, you must first connect the desired Wi-Fi using your Windows device.

In the Intune administration console navigate to Policy > Add Policy

 

Create a new Windows Phone OMA-URI Policy:

 

Under OMA-URI Settings click Add.

Setting Name: Enter something short and easy to read – e.g., “my PSK Wi-Fi OMA-URI”

Setting Description: e.g., “Custom Wi-Fi profile to light up PSK for Wi-Fi profiles on Windows Phone 8.1”

Data Type: String (XML)

OMA-URI Location: ./Vendor/MSFT/WiFi/Profile/MYPSKWIFI/WlanXml

Data:

<?xml version=”1.0″?>

<WLANProfile xmlns=”http://www.microsoft.com/networking/WLAN/profile/v1“>

  <name>MYPSKWIFI</name>

  <SSIDConfig>

    <SSID>

      <hex>4D5950534B57494649</hex>

      <name>MYPSKWIFI</name>

    </SSID>

    <nonBroadcast>false</nonBroadcast>

  </SSIDConfig>

  <connectionType>ESS</connectionType>

  <connectionMode>auto</connectionMode>

  <autoSwitch>false</autoSwitch>

  <MSM>

    <security>

      <authEncryption>

        <authentication>WPA2PSK</authentication>

        <encryption>AES</encryption>

        <useOneX>false</useOneX>

      </authEncryption>

      <sharedKey>

        <keyType>passPhrase</keyType>

        <protected>false</protected>

        <keyMaterial>12345678</keyMaterial>

      </sharedKey>

    </security>

  </MSM>

</WLANProfile>

Note: the XML above is a sample OMA-URI. Please refer to “How to create an XML file from an existing Wi-Fi connection” section below to get your own customized XML.


Once you have filled in the appropriate fields, your screen should look like this: 

 

Click OK to save the policy, then deploy the policy to the required Intune groups.  

 NOTE: To configure Wi-Fi profiles using OMA-URI:

  • Data type must be String (XML)
  • The value for <name> must EXACTLY match the SSID you are connecting to (highlighted above)
  • The value for <hex> must be all uppercase – it is case sensitive (highlighted above) 

How to create an XML file from an existing Wi-Fi connection

  1. Use a Windows computer to manually connect to the desired wireless network.
  2. Once you have successfully connected, open the following folder: C:ProgramDataMicrosoftWlansvcProfilesInterfaces{SOME GUID}
  3. Here you will find an XML profile for each Wi-Fi endpoint you have connected to using this computer. You may have to dig through each XML file to locate the one with matching SSID.
  4. Once you have located the correct XML file, copy and paste this XML into the Data field of the OMA-URI settings page.

Other tips and tricks

  1. To convert a string to HEX use an online tool like this one.
  2. Make sure you capitalize all alphabetic characters in the <hex>

   4d5950534b57494649 -> 4d5950534b57494649

Additional resources

I hope you found this blog post helpful. If you are looking for more information about Windows OMA-URI policies in Microsoft Intune, see Use Windows Phone OMA-URI policies to manage device settings with Microsoft Intune in the Microsoft Intune Documentation Library. Also, if you’ve not yet tried out Intune, sign up for a free 30-day trial today.

– Karan Daftary, Program Manager