[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1032
  • Last Modified:

Is there a GUI tool that removes cached PEAP credentials?

We have a wireless network at our organization that uses 802.1x authentication with PEAP. Users authenticate with their Windows Active Directory username and password. After connecting once to the wireless network, the client machine will automatically supply the username and password to the network the next time it sees the network.

 We must change our passwords every 120 days. This requires the cached password to be changed on the wireless client machine. Otherwise the client will give the wrong (old) password to the wireless network. Currently the only way we know to to this is to delete the registry key holding this cached information. See http://support.microsoft.com/kb/823731 for the procedure.

Many users use their own personal laptops on this network. I am very concerned about having our users editing their registry files. Is there a GUI utility that will either delete this registry key or (preferably) allow the user to change the password that is cached for this specific wireless network (SSID)?

Thanks,
donander
0
donander
Asked:
donander
  • 2
  • 2
2 Solutions
 
DarkerCommented:
While not a GUI solution it is just as easy and does not require the users edit the registry directly.  If they just run this .reg file it will remove the registry key described in that Microsoft KB article.

Note:  You will need to rename it from .txt to .reg in order for it to work properly.
Remove-PEAP.txt
0
 
za_mkhCommented:
I've created a little executable for you. I used AutoIT to create it. www.autoitscript.com - it's fantastic.

If you don't trust the EXE (rename from .txt to .exe) you can download the program from the website and compile what I wrote in the code section. Hope this helps!
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=ClearEaPol.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
If RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Eapol\UserEapInfo") = 1 Then
	MsgBox(64, "Information", "Cached Wireless Key has been Cleared")
Else
         MsgBox(48,"Warning","Cached Wireless Key could not be cleared")
EndIf

Open in new window

ClearEaPol.xls
0
 
za_mkhCommented:
Those four lines of code have some logic. So if the key doesn't exist, you would get the warning message!
0
 
DarkerCommented:
I agree with za_mhk -- his executable does the same thing as my .reg file but cannot be edited by a novice user to screw something up and as he said -- it will let you know if it worked or not.  Feedback from the program is always appreciated from end-users.
0
 
donanderAuthor Commented:
I like the exe. I did download AutoIT and compile it because I wanted to try AutoIT. I got the message can't find it because I don't have wireless on my desktop, but this indicates the script is running correctly.

I forgot to say in my question that I would prefer not to use a .reg file, not because of the possibility of the user messing with it (which is a good point) but because I wasn't sure if it would work to remove something. But I agree that Darker's solution would work so I'm going to split the points 60-40.

Thanks much,
donander
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now