Solved

restrict SSIDs from showing up only under certain conditions

Posted on 2007-11-15
12
533 Views
Last Modified: 2012-06-21
We have some laptop PCs that are normally connected via CAT5 to our Active Directory network.  When they are connected in this manner, we would like to keep SSIDs from showing up.  I'd like some suggestions of how to do this.
0
Comment
Question by:verpit
12 Comments
 
LVL 32

Expert Comment

by:and235100
ID: 20292818
The code given by trosien here may be of use:
http://www.gpanswers.com/community/viewtopic.php?p=4447
0
 
LVL 32

Expert Comment

by:and235100
ID: 20292824
This disables the wireless nic when the wired one is connected - I do not think that you can actually hide the wireless SSID - or do I misunderstand the question?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20293390
unless you disable the wireless NIC, the SSID's will show - you can restrcit in AD which wireless networks they can connect too
0
 
LVL 32

Expert Comment

by:and235100
ID: 20293474
What I meant was - you cannot programatically hide the wireless SSID from the laptop - group policy can be used to restrict access to which wireless networks - but this would be pretty pointless for a few laptops.
0
 

Author Comment

by:verpit
ID: 20298387
and235100, Great answer...  I realize I'm showing my ignorance here but am wondering how I would implement this code you mentioned?
Const HKEY_LOCAL_MACHINE = &H80000002

Set objShell = CreateObject("WScript.Shell")
 

Set objWMIService_wmi = GetObject("winmgmts:\\.\root\wmi")

Set colMonitoredEvents = objWMIService_wmi.ExecNotificationQuery("Select * from MSNdis_StatusMediaConnect")

Do While True

    Set strLatestEvent = colMonitoredEvents.NextEvent

    Wscript.Echo "A network connection has been disconnected: " & strLatestEvent.InstanceName

    nicdesc = strLatestEvent.InstanceName

   Set objWMIService_cimv2 = GetObject("winmgmts:\\.\root\cimv2")

   Set colNics = objWMIService_cimv2.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where ipEnabled = True")
 

   'Determine nic which trggered the event

   For Each objItem in colNics

      If objItem.description = nicdesc & " - Packet Scheduler Miniport" then

         trig_macaddress = objItem.MacAddress

          trig_nicguid = objItem.SettingID

         trig_strKeyPath = "HKLM\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\" & trig_nicguid & "\Connection\MediaSubType"

         trig_subtype = objShell.RegRead(trig_strKeyPath)

         Exit For

      End If

   Next

   

   'If the nic was wired then find wireless nics and disable them

   If trig_subtype = 1 then

      For Each objItem in colNics

         nicguid = objItem.SettingID

         strKeyPath = "HKLM\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\" & nicguid & "\Connection\MediaSubType"

         subtype = ""

         on error resume next

         subtype = objShell.RegRead(strKeyPath)

         If err.number <> 0 then

            subtype = 0

            err.clear

            on error goto 0

         End If

         If (subtype = 2) then

            wireless_macaddress = objItem.MacAddress

            set colAdapters = objWMIService_cimv2.Execquery("Select * from Win32_NetworkAdapter where macaddress ='" & wireless_macaddress & "'")

            For Each Adapter in colAdapters

               constatus = Adapter.NetConnectionStatus

               If constatus <> "" then

                  wscript.echo SetConnState(Adapter.NetConnectionID,0)

                End If

            Next

         End If

      Next

   End If

Loop
 
 

Function SetConnState(strConn,constate)

Const CONTROL_PANEL = &H3&

Set objShell = CreateObject("Shell.Application")

Set objCP = objShell.Namespace(CONTROL_PANEL)
 

If connstate = 0 then connAction = "Disa&ble"

If connstate = 1 then connAction = "En&able"
 

Set colNetwork = Nothing

For Each clsConn in objCP.Items

   If clsConn.Name = "Network Connections" Then

      Set colNetwork = clsConn.getfolder

      Exit For

   End If

Next
 

If colNetwork is Nothing Then

   WScript.Echo "Network folder not found"

   SetConnState = False

   Exit Function

End If
 

Set clsLANConn = Nothing

For Each clsConn in colNetwork.Items

   If Instr(LCase(clsConn.name),LCase(strConn)) Then

      Set clsLANConn = clsConn

      Exit For

   End If

Next
 

If clsLANConn is Nothing Then

   WScript.Echo "Network Connection not found"

   SetConnState = False

   Exit Function

End If
 
 

bEnabled = True

Set objEnable = Nothing

Set objDisable = Nothing

For Each clsVerb in clsLANConn.verbs

   If clsVerb.name = connAction Then

      Set objAction = clsVerb

   End If

Next
 

wscript.echo REPLACE(connAction,"&","") & " " & strConn & "..."

objAction.DoIt

End Function
 
 

'The Control Panel automation derived from: http://mcpmag.com/columns/article.asp?EditorialsID=619

'NIC connect/disconnect trigger derived from: http://www.microsoft.com/technet/scriptcenter/resources/qanda/mar05/hey0321.mspx 

Open in new window

0
 
LVL 32

Accepted Solution

by:
and235100 earned 500 total points
ID: 20483567
My answer was fine. SHould be accepted.
I am sorry - I didn't know I had to tell someone that you would implement the code by using a logon script.
I thought that the necessary knowledge was rather basic. - and the Asker gave himself/herself as "Advanced" on this topic.
http://www.rlmueller.net/LogonScriptFAQ.htm
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20483689
i agree with andy on this - just for the record
0
 
LVL 32

Expert Comment

by:and235100
ID: 20484542
I apologise that I expect too much from people - but what is the point of marking yourself as "Advanced" on the topic in question, if you cannot apply a script to a GPO - especially when the subject of the question implied some sort of script for a domain as a resolution.
(I know that my "answer" is not spot-on - but as I stated - you cannot programatically hide the SSID from a laptop, as far as my "ignorance" goes.)

>> since when do we accept everything the questioner fills out in the question form as completely accurate?

That is often all we have to go on! :) Very little additional information was given in this Q by the Asker.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20488424
Thanks Lee
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20521497
Forced accept.

Computer101
EE Admin
0

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now