Solved

how to prevent access to the wireless encryption key in windows 7

Posted on 2010-08-30
8
852 Views
Last Modified: 2013-11-12
need to prevent viewing of wireless security key
0
Comment
Question by:mtburns
8 Comments
 
LVL 6

Expert Comment

by:fluk3d
ID: 33557835
Need more information, what type of enviroment are you running a windows domain? do users have local admin access to the machine.

0
 

Author Comment

by:mtburns
ID: 33557991
academic environment with areas of wireless access using wpa2/aes where students have laptops in specific classrooms, where previously the security key was able to be hidden. we're currently building a template Windows 7 laptop which will be cloned and need to have the key hidden. The students have local admin access in order to run certain applications. I'm thinking that there must be some sort of GP setting or registry fix for this, but it's not intuitively obvious. I appreciate any help that you can provide on this-Thanks in advance!!!!
0
 
LVL 6

Expert Comment

by:fluk3d
ID: 33558052
If the users have local admin access to the machine I do not believe there is a way to hide the key. You might want to look into setting up a RADIUS server to authenticate with your AP if users are logging into the domain.

I believe windows call this IAS for server 2003 and NAP for server 2008.

Have a look at this thread also.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_25463535.html
0
 
LVL 6

Expert Comment

by:fluk3d
ID: 33558164
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 6

Expert Comment

by:zkrieger
ID: 33560542
you cannot prevent local admins from viewing the key, however you can fix your applications.

the problem is not the key being visible, its that you arent solving the compatibility issues with your software apps to allow them to run on a non-admin user.

look into application virtualization (you probably have licensing already if you have an EA agreement with microsoft)
0
 
LVL 61

Expert Comment

by:btan
ID: 33605752
propose to go into user mode as it is not only wlan keys, with such rights they would be able to do alot. Else put them into a user domain group with specific rights. note that device port is also open, they would import tools for data siphoning, privilege escalation etc. Even if you masked out the registry locally, they can easily undo it. Do consider also the network segregation of the user test lan to isolate any abuse and ripple into corporate lan.

0
 

Author Comment

by:mtburns
ID: 33636943
None of the proposed/suggested solutions were useable in our environment. We resolved the issue by changing the template user from being a member of the Administrators group to being a member of the Power users group with elevated privileges. Now users cannot view the encryption key. We did not need to reconfigure our access points, other clients, make changes to application settings, setup a radius server, nor isolate LAN segments to accomplish this.
0
 

Accepted Solution

by:
mtburns earned 0 total points
ID: 33637015
None of the proposed/suggested solutions were useable in our environment. We resolved the issue by changing the template user from being a member of the Administrators group to being a member of the Power users group with elevated privileges. Now users cannot view the encryption key. We did not need to reconfigure our access points, other clients, make changes to application settings, setup a radius server, nor isolate LAN segments to accomplish this.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now