Solved

how to prevent access to the wireless encryption key in windows 7

Posted on 2010-08-30
8
863 Views
Last Modified: 2013-11-12
need to prevent viewing of wireless security key
0
Comment
Question by:mtburns
8 Comments
 
LVL 6

Expert Comment

by:fluk3d
ID: 33557835
Need more information, what type of enviroment are you running a windows domain? do users have local admin access to the machine.

0
 

Author Comment

by:mtburns
ID: 33557991
academic environment with areas of wireless access using wpa2/aes where students have laptops in specific classrooms, where previously the security key was able to be hidden. we're currently building a template Windows 7 laptop which will be cloned and need to have the key hidden. The students have local admin access in order to run certain applications. I'm thinking that there must be some sort of GP setting or registry fix for this, but it's not intuitively obvious. I appreciate any help that you can provide on this-Thanks in advance!!!!
0
 
LVL 6

Expert Comment

by:fluk3d
ID: 33558052
If the users have local admin access to the machine I do not believe there is a way to hide the key. You might want to look into setting up a RADIUS server to authenticate with your AP if users are logging into the domain.

I believe windows call this IAS for server 2003 and NAP for server 2008.

Have a look at this thread also.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_25463535.html
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 6

Expert Comment

by:fluk3d
ID: 33558164
0
 
LVL 6

Expert Comment

by:zkrieger
ID: 33560542
you cannot prevent local admins from viewing the key, however you can fix your applications.

the problem is not the key being visible, its that you arent solving the compatibility issues with your software apps to allow them to run on a non-admin user.

look into application virtualization (you probably have licensing already if you have an EA agreement with microsoft)
0
 
LVL 62

Expert Comment

by:btan
ID: 33605752
propose to go into user mode as it is not only wlan keys, with such rights they would be able to do alot. Else put them into a user domain group with specific rights. note that device port is also open, they would import tools for data siphoning, privilege escalation etc. Even if you masked out the registry locally, they can easily undo it. Do consider also the network segregation of the user test lan to isolate any abuse and ripple into corporate lan.

0
 

Author Comment

by:mtburns
ID: 33636943
None of the proposed/suggested solutions were useable in our environment. We resolved the issue by changing the template user from being a member of the Administrators group to being a member of the Power users group with elevated privileges. Now users cannot view the encryption key. We did not need to reconfigure our access points, other clients, make changes to application settings, setup a radius server, nor isolate LAN segments to accomplish this.
0
 

Accepted Solution

by:
mtburns earned 0 total points
ID: 33637015
None of the proposed/suggested solutions were useable in our environment. We resolved the issue by changing the template user from being a member of the Administrators group to being a member of the Power users group with elevated privileges. Now users cannot view the encryption key. We did not need to reconfigure our access points, other clients, make changes to application settings, setup a radius server, nor isolate LAN segments to accomplish this.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question