Some of the schools I work with have shared class sets of MacBooks. Their shared MacBooks are configured to connect to the school’s Wi-Fi (WPA2 enterprise network) at the login window. Sometimes the MacBooks are left in sleep mode for extended periods of time, causing the battery to deplete and the system clock to reset.

After the flat MacBooks are recharged and turned on, they fail to connect to Wi-Fi and this leads to users complaining that they cannot log in. This is due to the ‘Not Valid Before’ value of the Remote Authentication Dial-In User Service (RADIUS) certificate being ahead of the system clock.

Correcting this issue would require a user to first realise the time is incorrect and then connect the MacBook to the network with an Ethernet cable or more commonly bring the MacBook to an IT Administrator with access to a local administrator account.

With the number of users coming to see me with this issue, I started looking into ways I could give the user the ability to correct the system time themselves from the login window and without an Ethernet cable. My idea was to create an application that appears over the top of the login window if the system clock is set to a date before 2015.

I found making an application visible at the login window surprisingly difficult. It wasn’t until I came across Apple’s PreLoginAgents sample code that I was a big step closer. Not long after that I had a working app that prompted users to correct the date and time after a flat battery.

To use, simply download the package from here and deploy it to your clients.

9 Comments