Forum Discussion
Wifi Profile Push Issues
We are using Intune to push our certs and wifi profiles out to our laptops. We recently upgraded our ADCS environment and updated it so we need to decom the old one and remove the old certs from the environment. I went in to the root cert and removed the all users group from that so it would not be pushed out to all of our laptops anymore. The root cert is called out in the wifi profile under the Root Certificate for server validation section of the profile. Even though I didn't change that wifi profile at all the change to root cert and the removal of the all users group that it was targeting seems to have forced a wifi change and push out to all of my laptops. Is this supposed to happen is this normal? Is there anything that I can do to not cause this type of mass push when making this type of change? The issues is that when the wifi profile pushed out to everyone that was on the corp wifi they were disconnected and could not get back on without assistance. Any ideas would be greatly appreciated.
1 Reply
Hy,
i am not able from your description to really understand you actually Infra., but yes this happens because the Wi-Fi profiles refer to the root certificate for server validation, so when the certificate’s targeting changes, Intune treats this as a configuration update requiring a push to all targeted devices
What can you do:
• Stage your certificate deployments and removals carefully. Instead of removing the root cert from “All Users,” create targeted groups and pilot the changes on a small subset of devices before broad rollout.• Update and deploy new Wi-Fi profiles referencing the new CA cert explicitly alongside retiring old profiles, rather than modifying the root certificate’s assignments alone; this may allow finer control of what pushes are triggered.Good luck!
