Solved

Locking down Wireless Profile

Posted on 2016-08-02
10
29 Views
Last Modified: 2016-09-10
We have 2 wireless networks in our company, one hidden SSID which is the company network and the other one is the Public network for guests (not hidden) I have an employee that constantly keeps removing the wireless profile already set on her computer (the hidden one), after doing so she ends up connecting to our public Wi-Fi (not hidden) and keeps blaming that the computer is the problem. This is the 4th time that is happening and I need to "lock down" the actual profile hidden profile that was initially created so that she can't hit the "Remove" option on top but still be able to add other networks (e.g Starbucks, Hotel Wi-Fi) if she decides to take the work computer home or travel. Does anyone have any idea how to address this? Can GPO fix this or perhaps a PowerShell script can do the trick? I really need to grey out the

Grey Out or Block Remove Option
0
Comment
Question by:Diego B
  • 4
  • 4
  • 2
10 Comments
 
LVL 38

Expert Comment

by:Adam Brown
Comment Utility
Go to this section of the registry:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles
and change the permissions on that folder and subfolders that denies delete permission to that user. She'll be able to create new profiles, but will not be able to delete any.
1
 

Author Comment

by:Diego B
Comment Utility
Testing as we speak... thank you so much!
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 500 total points (awarded by participants)
Comment Utility
You can do this with GPO. It works much better than editing the registry and can force the client to oy connect to certain SSIDs while denying access to others.
1
 

Author Comment

by:Diego B
Comment Utility
Adam any chance to revert back the permission issue in the registry? The implicit deny is there and now I can't revert the change.
0
 
LVL 38

Expert Comment

by:Adam Brown
Comment Utility
Unless you set deny all permission for the user's group (Which is not what I recommended), you should be able to open the folder and set the permission. Otherwise, you'll have to use PSExec or a similar utility to open Regedit in the System context to modify the permissions.
0
New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

 

Author Comment

by:Diego B
Comment Utility
Craig you mentioned that GPO would be much easier than Adam's approach doing it through the Registry, can you please elaborate on the steps on how to do so?

thank you,
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points (awarded by participants)
Comment Utility
Sure can.

Have a look at this great article which shows you the steps...

http://www.petenetlive.com/KB/Article/0000923
0
 

Author Comment

by:Diego B
Comment Utility
Thank you, Craig. Now if I use this GPO setting will the user be able to delete the profile or will it lock it down?
0
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
Depending on how you configure the GPO you can choose how much control you want the user to have. You can lock it down if you choose.
0
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
Best answer chosen
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now