Bluetooth Disabling

Neo_78
Neo_78 used Ask the Experts™
on
Hi,

I would like to disable Bluetooth and Wireless devices on the client computers using Windows 2008 GPO any suggestions.
Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Hope this helps:

http://forums.techarena.in/server-security/74997.htm

There is no Group Policy to directly do such. What "may" help if you have
Windows 2003 domain controllers is to configure Group Policy/computer
configuration/Windows settings/security settings/wireless network to allow
use of only preferred network with 802.1X EAP for smart card/certificate for
a non existent wireless network. I have not tried that myself but would be
easy enough to test. If the users are also local administrators they
probably would figure out how to bypass such anyhow. A computer user policy
that prohibit such on company equipment with defined consequences and signed
by all users for a copy in their file could be another way to discourage
such activity.

Author

Commented:
I dont have windows 2003 Domain Controller. Is there no option to achieve this using Windows 2008 GPO's
Most Valuable Expert 2011
Top Expert 2011

Commented:
The DevCon command-line utility functions as an alternative to Device Manager
http://support.microsoft.com/kb/311272/

Don know how many different network cards you have in your environment, but this might take some tweaking........

devcon disable =net pci\ven*

I dont have bluetooth on this system, so I cant look up the class for that category.....

In a machine startup script, will disable them. And if they arent admins, they cannot re enable them...
Should you be charging more for IT Services?

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Most Valuable Expert 2011
Top Expert 2011
Commented:
Wait... Just realized a big goof on my part.....

devcon disable =net pci\ven*

Kills all your network cards.....

The following will kill all bluetooth.....

devcon disable =Bluetooth pci\ven*

The following would need to be tested THOROUGHLY, to be able to capture the Instance IDs of your WIFI nics.......

devcon disable =net PCI\VEN_10EC&DEV_8168&CC_0200

If you have an inventory/management app, you might know exactly what model wifi cards are in the environment. You can get thier full Hardware IDs, and disable them without affecting the wired lan cards....

Also, disable the WZCSVC in GPO.....

Author

Commented:
I have checked with my friend in Microsoft and he confirmed that there is no such option in Windows 2008 to disable Bluetooth and Wireless ports
Most Valuable Expert 2011
Top Expert 2011
Commented:
In GPO?

I know you can disable the Windows Wireless Zero Config/BlueTooth services via GPO, and Devcon was intended to be used in a machine startup script.... I can confirm that works, as I have used it before....

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial