Solved

restrict SSIDs from showing up only under certain conditions

Posted on 2007-11-15
12
542 Views
Last Modified: 2012-06-21
We have some laptop PCs that are normally connected via CAT5 to our Active Directory network.  When they are connected in this manner, we would like to keep SSIDs from showing up.  I'd like some suggestions of how to do this.
0
Comment
Question by:verpit
12 Comments
 
LVL 32

Expert Comment

by:and235100
ID: 20292818
The code given by trosien here may be of use:
http://www.gpanswers.com/community/viewtopic.php?p=4447
0
 
LVL 32

Expert Comment

by:and235100
ID: 20292824
This disables the wireless nic when the wired one is connected - I do not think that you can actually hide the wireless SSID - or do I misunderstand the question?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20293390
unless you disable the wireless NIC, the SSID's will show - you can restrcit in AD which wireless networks they can connect too
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 32

Expert Comment

by:and235100
ID: 20293474
What I meant was - you cannot programatically hide the wireless SSID from the laptop - group policy can be used to restrict access to which wireless networks - but this would be pretty pointless for a few laptops.
0
 

Author Comment

by:verpit
ID: 20298387
and235100, Great answer...  I realize I'm showing my ignorance here but am wondering how I would implement this code you mentioned?
Const HKEY_LOCAL_MACHINE = &H80000002
Set objShell = CreateObject("WScript.Shell")
 
Set objWMIService_wmi = GetObject("winmgmts:\\.\root\wmi")
Set colMonitoredEvents = objWMIService_wmi.ExecNotificationQuery("Select * from MSNdis_StatusMediaConnect")
Do While True
    Set strLatestEvent = colMonitoredEvents.NextEvent
    Wscript.Echo "A network connection has been disconnected: " & strLatestEvent.InstanceName
    nicdesc = strLatestEvent.InstanceName
   Set objWMIService_cimv2 = GetObject("winmgmts:\\.\root\cimv2")
   Set colNics = objWMIService_cimv2.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where ipEnabled = True")
 
   'Determine nic which trggered the event
   For Each objItem in colNics
      If objItem.description = nicdesc & " - Packet Scheduler Miniport" then
         trig_macaddress = objItem.MacAddress
          trig_nicguid = objItem.SettingID
         trig_strKeyPath = "HKLM\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\" & trig_nicguid & "\Connection\MediaSubType"
         trig_subtype = objShell.RegRead(trig_strKeyPath)
         Exit For
      End If
   Next
   
   'If the nic was wired then find wireless nics and disable them
   If trig_subtype = 1 then
      For Each objItem in colNics
         nicguid = objItem.SettingID
         strKeyPath = "HKLM\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\" & nicguid & "\Connection\MediaSubType"
         subtype = ""
         on error resume next
         subtype = objShell.RegRead(strKeyPath)
         If err.number <> 0 then
            subtype = 0
            err.clear
            on error goto 0
         End If
         If (subtype = 2) then
            wireless_macaddress = objItem.MacAddress
            set colAdapters = objWMIService_cimv2.Execquery("Select * from Win32_NetworkAdapter where macaddress ='" & wireless_macaddress & "'")
            For Each Adapter in colAdapters
               constatus = Adapter.NetConnectionStatus
               If constatus <> "" then
                  wscript.echo SetConnState(Adapter.NetConnectionID,0)
                End If
            Next
         End If
      Next
   End If
Loop
 
 
Function SetConnState(strConn,constate)
Const CONTROL_PANEL = &H3&
Set objShell = CreateObject("Shell.Application")
Set objCP = objShell.Namespace(CONTROL_PANEL)
 
If connstate = 0 then connAction = "Disa&ble"
If connstate = 1 then connAction = "En&able"
 
Set colNetwork = Nothing
For Each clsConn in objCP.Items
   If clsConn.Name = "Network Connections" Then
      Set colNetwork = clsConn.getfolder
      Exit For
   End If
Next
 
If colNetwork is Nothing Then
   WScript.Echo "Network folder not found"
   SetConnState = False
   Exit Function
End If
 
Set clsLANConn = Nothing
For Each clsConn in colNetwork.Items
   If Instr(LCase(clsConn.name),LCase(strConn)) Then
      Set clsLANConn = clsConn
      Exit For
   End If
Next
 
If clsLANConn is Nothing Then
   WScript.Echo "Network Connection not found"
   SetConnState = False
   Exit Function
End If
 
 
bEnabled = True
Set objEnable = Nothing
Set objDisable = Nothing
For Each clsVerb in clsLANConn.verbs
   If clsVerb.name = connAction Then
      Set objAction = clsVerb
   End If
Next
 
wscript.echo REPLACE(connAction,"&","") & " " & strConn & "..."
objAction.DoIt
End Function
 
 
'The Control Panel automation derived from: http://mcpmag.com/columns/article.asp?EditorialsID=619
'NIC connect/disconnect trigger derived from: http://www.microsoft.com/technet/scriptcenter/resources/qanda/mar05/hey0321.mspx 

Open in new window

0
 
LVL 32

Accepted Solution

by:
and235100 earned 500 total points
ID: 20483567
My answer was fine. SHould be accepted.
I am sorry - I didn't know I had to tell someone that you would implement the code by using a logon script.
I thought that the necessary knowledge was rather basic. - and the Asker gave himself/herself as "Advanced" on this topic.
http://www.rlmueller.net/LogonScriptFAQ.htm
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20483689
i agree with andy on this - just for the record
0
 
LVL 32

Expert Comment

by:and235100
ID: 20484542
I apologise that I expect too much from people - but what is the point of marking yourself as "Advanced" on the topic in question, if you cannot apply a script to a GPO - especially when the subject of the question implied some sort of script for a domain as a resolution.
(I know that my "answer" is not spot-on - but as I stated - you cannot programatically hide the SSID from a laptop, as far as my "ignorance" goes.)

>> since when do we accept everything the questioner fills out in the question form as completely accurate?

That is often all we have to go on! :) Very little additional information was given in this Q by the Asker.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20488424
Thanks Lee
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20521497
Forced accept.

Computer101
EE Admin
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question