asked on Prevent students from changing any wireless network settings
Hi,
I am trying to figure out how to prevent a school full of apparently deviant minded students hell bent on showing off how they can change wireless networks to unsecured ones in the neighborhood...
I have researched this pretty extensively on Expert's Exchange and Microsoft Technet, but I can't seem to find the correct answer... Here is what I know:
1) I have hudden the wireless icon from students but as soon as they disable the wireless adapter (there is a button above the keyboard on the laptop to do this), the wireless icon shows up and they can then then "View Available Wireless Networks".
2) I want to prevent students from:
a) Accessing wireless settings
b) Changing wireless networks (if subpoint a is met then this is moot!)
I would like to be able to do this via Group Policy, but I can't seem to make the Wireless Network Policies work in any way that appears to help.
Any suggestions?
Thanks in advance - I really appreciate
I am trying to figure out how to prevent a school full of apparently deviant minded students hell bent on showing off how they can change wireless networks to unsecured ones in the neighborhood...
I have researched this pretty extensively on Expert's Exchange and Microsoft Technet, but I can't seem to find the correct answer... Here is what I know:
1) I have hudden the wireless icon from students but as soon as they disable the wireless adapter (there is a button above the keyboard on the laptop to do this), the wireless icon shows up and they can then then "View Available Wireless Networks".
2) I want to prevent students from:
a) Accessing wireless settings
b) Changing wireless networks (if subpoint a is met then this is moot!)
I would like to be able to do this via Group Policy, but I can't seem to make the Wireless Network Policies work in any way that appears to help.
Any suggestions?
Thanks in advance - I really appreciate
Wireless NetworkingWindows XPNetwork Management
Last Comment
jasonzx
Are they standard User accounts?
ASKER
I'm researching the same thing, and I've not found a good solution even after searching for a few hours! You'd think this would be a huge issue and that it would be easy as cake to find an answer on this!! Alas,
I decided that I am going to use Windows Steadystate for it's disk protection features - basically it allows you to set up the computer in such a way that any changes a user makes are discarded and everything snaps back into place after you reboot the computer. I am only just beginning to dig in to this but it looks like it might have the desired results.
Here is a link that you may find useful:
http://social.microsoft.com/forums/en-US/windowssteadystate/thread/085c6519-f111-4679-89d5-b1baa0634c32/
Pesky students! ;)
I decided that I am going to use Windows Steadystate for it's disk protection features - basically it allows you to set up the computer in such a way that any changes a user makes are discarded and everything snaps back into place after you reboot the computer. I am only just beginning to dig in to this but it looks like it might have the desired results.
Here is a link that you may find useful:
http://social.microsoft.com/forums/en-US/windowssteadystate/thread/085c6519-f111-4679-89d5-b1baa0634c32/
Pesky students! ;)
thanks for the sharing
Steady State is great for kiosk and public type PC's so it should work for you in what you are currently looking to accomplish...
Silly thought.... Have you tried to add "DENY rights to the kids user's group? Guessing you might have a "Students" group or similar?
Silly thought.... Have you tried to add "DENY rights to the kids user's group? Guessing you might have a "Students" group or similar?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
PS, I did not use steadystate - It would have required my reimaging each machine on the network. Maybe next year.
I had the same problem and recently came up with a solution.
regedit:
navigate to HKLM\Software\Microsoft\WZ
right-click->permissions->
Deny:Set Value, Create Subkey, create link, delete, write DAC, Write Owner
navigate to HKLM\Software\Microsoft\EA
right-click->permissions->
Deny:Set Value, Create Subkey, create link, delete, write DAC, Write Owner
To undo, select Deny policy->edit->clear all
If you wanted to automate or deploy, there's a setacl.exe on sourceforge and you can use:
SetACL.exe -on "HKLM\SOFTWARE\Microsoft\E
SetACL.exe -on "HKLM\SOFTWARE\Microsoft\W
regedit:
navigate to HKLM\Software\Microsoft\WZ
right-click->permissions->
Deny:Set Value, Create Subkey, create link, delete, write DAC, Write Owner
navigate to HKLM\Software\Microsoft\EA
right-click->permissions->
Deny:Set Value, Create Subkey, create link, delete, write DAC, Write Owner
To undo, select Deny policy->edit->clear all
If you wanted to automate or deploy, there's a setacl.exe on sourceforge and you can use:
SetACL.exe -on "HKLM\SOFTWARE\Microsoft\E
SetACL.exe -on "HKLM\SOFTWARE\Microsoft\W
http://technet.microsoft.com/en-us/library/cc787465.aspx