Hello!

I'm replacing our Cisco Wi-Fi 2504 wireless controller and 2600 series APs with a Fortinet solution (431F & 433F APs paired with a FortiGate 600E internal wireless controller).

I am intending to use WPA3 with our WiFi6 compatible laptops and WPA2 with our WiFi5 laptops. The SSIDs are set to WAP3 SAE Transition.

The good news:

-Both WiFi6 & WiFi5 laptops are connecting with the intended authentication method and speed.

The question:

-How can I push the passphrase for a SSID to multiple laptops so that users will not need to enter the passphrase manually?

I did find an article that showed me how to use 'netsh' to export the SSID and passphrase to an XML file.  Then I created a batch file to use netsh to add the SSID to target computers.  It seemed to work, however, when the test user clicked on the SSID name in the Windows network list, the user was still asked to enter the passphrase.  Below are the basic commands.

-netsh wlan export profile key=clear folder="C:\stage\wifi6"

-netsh wlan add profile filename="C:/stage\wifi6\Wi-Fi-Corp.xml" user=current

I am guessing netsh was not the answer because the pre-shared key is not in the XML file?

I also tried to use group policy to push the SSID information, but WPA3 was not supported.

Just to see if it would work, I then tried to push the SSID configured with WPA2 authentication; however, I never came to a setting where I could enter the actual passphrase.

My next thought is to use PowerShell, but before spending time on that, I thought I might be wise to ask.  Has anyone found a method to pre-configure a SSID passphrase on a Windows 10 laptop?