UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

Steps to reproduce the problem:
1. Create a wireless policy with the variables ${LOGIN_ID} and ${PASSWORD} and deploy it at the user level
2. Sign in with managed user on a non-managed Chromebook
3. Wireless profile will deploy, but will fail to connect

What is the expected behavior?
The expected behavior is that either the policy will be filtered from deploying to a non-managed device because it cannot function or the password will be correctly passed so the connection will succeed.

What went wrong?
Currently, since the password is not passed, the Chromebook ends up hammering the network defined in the profile with invalid connection attempts because the password is not correct.  This means the user has to manually connect to another SSID and they might get blacklisted from the network for too many invalid connection attempts.

Did this work before? No 

Chrome version: 66.0.3359.43  Channel: beta
OS Version: 66.0.3359.43
Flash Version: 

This issue is related to 386606, but is a new problem since 386606 has been implemented.  The decision was made to not allow credentials to pass on a non-managed Chromebook and the result is that unmanaged systems now fail to connect completely because they have an incorrect password.  Ideally, we should able to restrict this network from flowing to machines that are not managed by us.  From a security standpoint, machines that we do not own should never get policies that we enforce on machines that we do own.
 

Deleted: failure.png 33.5 KB

	failure.png 33.5 KB View Download