2

I want to prevent Windows from showing any wireless password. Is there a security database choice either on each individual computer or on the domain that will establish this policy?

M T Sharp
  • 21

1 Answers1

2

The only way to do this is to disallow access for regular users to the Network and Sharing Center through GPO. There is no way to disable only the Show wireless key function, either locally or through GPO.

To disable Network & Sharing Center through GPO:

I have clients that have laptop users and the laptop users need local administrator rights on their computers. I found out that restricting access to the Network and Sharing Center did not prevent the ability to view and see the properties (including the wireless keys) for local administrators. I was still able to view these properties through a shortcut to Manage Wireless Networks and/or by right clicking on a WLAN adapter, then Status, then Wireless Properties. Therefore, I set out to find a different method to prevent access to this information using a Software Restriction Policies GPO. The method that I have used below is drastic as it prevents access to be able to edit WLAN profiles. Users can still connect to a wireless network they simply cannot edit any of the properties. Here’s how…

  1. Create a new GPO and link it to the OU where you want the policy applied.
  2. Edit the new GPO and navigate to User Configuration\Policies\Windows Settings\Security Settings\Software Restriction Policies.
  3. In the Object Type pane, double click on “Enforcement” and change the “Apply Software Restriction Policies to the following:” and check “All Software Files” which will include DLL files.
  4. Next go to the “Additional Rules” node, right click on the blank area and add a new path rule.
  5. In the Path field type C:\Windows\System32\wlanui.dll and select the security level as Disallowed. wlanui.dll is the Wireless Lan User Interface GUI.
  6. Go to Computer Configuration\Policies\Administrative Templates\System\Group Policy and set the “User Group Policy loopback processing mode” to Enabled and select Replace which will override any other policies this software policy will take precedence.

Source: Direct quote from Technet forum post