Whilst there is a setting in Group Policy Preferences to deploy WiFi settings, this does not include the WiFi Pre-Shared Key (PSK).
The following method will allow you to also push out the Pre-Shared Key:
From a PC that already has the WiFi profile installed, open command prompt (as admin) and run the following command:
netsh wlan show profiles
Make a note of the name of the profile you want to export – such as
Run the following command, replacing the profile name with the one you wish to export, and path to an existing folder where an XML file will be created
netsh wlan export profile name="MyWiFiSSID" folder=C:\WLAN key=clear
(Note that the key=clear is vital for this to work)
Copy that XML file to a network share that is accessible from the computer accounts. Do bear in mind the WiFi key is visible in plain text within this file, so consideration must be taken as where/how to store it.
The following command is used to install the profile:
netsh wlan add profile filename="\\servername\share\Wi-Fi-MyWiFiSSID.xml" user=all
… however, this will reinstall and reconnect the WiFi profile each time, causing a brief disconnect at startup.
From my experience, the best method is to create a Computer Startup .bat script GPO that will only run once. This one does the trick:
netsh wlan show profile MyWiFiSSID if %errorlevel%==0 goto end netsh wlan add profile filename="\\servername\share\Wi-Fi-MyWiFiSSID.xml" user=all :END
Many thanks to Ignacio for this more elegant deployment solution!