Change TKIP to AES remotely

WellingtonIS
WellingtonIS used Ask the Experts™
on
I have over 200 wireless machines that are currently wpa2 and TKIP.  My old Cisco controller didn't allow wpa2 and AES so we used TKIP.  My new controller a Cisco 5520 doesn't not allow wpa2 and TKIP. I'm stuck in catch 22.  Is there any way to change TKIP on the machines remotely, my users have no rights on the machines and I'd have to take off all the autologin settings and one by one change the encryption.  I don't want to have to create a group policy.  I'd rather use a script if possible
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018

Commented:

Author

Commented:
Will this work on Windows 10 I have a mix.  Also the profiles or SSID's are the same.
Distinguished Expert 2018

Commented:
It will work on win10, yes.

For the switch to be as easy as it gets, configure a new SSID on your new switch.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
OK thanks.  But I'm going to delete the profile and add it back.  I think that will give me what I need.
Distinguished Expert 2018

Commented:
How are you going to do that? Can you even delete the current profile while it's in use?

Author

Commented:
That's the problem we can delete it, it changes but it's not automatically reconnecting  I wish there was a way via command to change TKIP to AES
Joe FulginitiNetwork Engineer

Commented:
Are you using wpa enterprise or wpa personal?
Distinguished Expert 2018

Commented:
I guess it will reconnect if you disable the adapter and enable it again. This needs to be done by a script that gets copied locally, first, before the connection breaks. Will try for myself.

Author

Commented:
Actually we managed to do it.
netsh wlan set profileparameter name="xxxxx" encryption=AES
Distinguished Expert 2018

Commented:
Ok, and is that deployable? I wonder if your script won't need a WLAN connection to be executed from its source.

Author

Commented:
Yes.  If you copy the script to the machine and run it, it does the trick.
Distinguished Expert 2018

Commented:
Yes, as I said, that of course will do it.
So, are we ready to close this, or any further questions?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial