Is there a GUI tool that removes cached PEAP credentials?

We have a wireless network at our organization that uses 802.1x authentication with PEAP. Users authenticate with their Windows Active Directory username and password. After connecting once to the wireless network, the client machine will automatically supply the username and password to the network the next time it sees the network.

 We must change our passwords every 120 days. This requires the cached password to be changed on the wireless client machine. Otherwise the client will give the wrong (old) password to the wireless network. Currently the only way we know to to this is to delete the registry key holding this cached information. See for the procedure.

Many users use their own personal laptops on this network. I am very concerned about having our users editing their registry files. Is there a GUI utility that will either delete this registry key or (preferably) allow the user to change the password that is cached for this specific wireless network (SSID)?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

While not a GUI solution it is just as easy and does not require the users edit the registry directly.  If they just run this .reg file it will remove the registry key described in that Microsoft KB article.

Note:  You will need to rename it from .txt to .reg in order for it to work properly.
za_mkhIT ManagerCommented:
I've created a little executable for you. I used AutoIT to create it. - it's fantastic.

If you don't trust the EXE (rename from .txt to .exe) you can download the program from the website and compile what I wrote in the code section. Hope this helps!
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
If RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Eapol\UserEapInfo") = 1 Then
	MsgBox(64, "Information", "Cached Wireless Key has been Cleared")
         MsgBox(48,"Warning","Cached Wireless Key could not be cleared")

Open in new window


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
za_mkhIT ManagerCommented:
Those four lines of code have some logic. So if the key doesn't exist, you would get the warning message!
I agree with za_mhk -- his executable does the same thing as my .reg file but cannot be edited by a novice user to screw something up and as he said -- it will let you know if it worked or not.  Feedback from the program is always appreciated from end-users.
donanderAuthor Commented:
I like the exe. I did download AutoIT and compile it because I wanted to try AutoIT. I got the message can't find it because I don't have wireless on my desktop, but this indicates the script is running correctly.

I forgot to say in my question that I would prefer not to use a .reg file, not because of the possibility of the user messing with it (which is a good point) but because I wasn't sure if it would work to remove something. But I agree that Darker's solution would work so I'm going to split the points 60-40.

Thanks much,
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.