Is there another way, outside of using the retrieved property for “Network Adapters”, to show systems that have wireless adapters? And, can I pull out wireless network configuration information, such as SSID, etc?
the following might get you on the right path, just try running this VBScript code. Unfortunately I don’t know how to instantiate one level down, as the instances of the MSNdis_80211_ServiceSetIdentifier class are the actual network cards and you need the Ndis80211SsId property (you’ll see what I mean when you run the code). Dirty job would be to parse it out.
Rad
On Error Resume Next
Set objWMI = GetObject(“winmgmts://./root\WMI”)
Set objInstances = objWMI.InstancesOf(“MSNdis_80211_ServiceSetIdentifier”,48)
Using the info Rad provided, I was able to pull this info out of the wmi using direct inspectors (but first I had to deal with the fact that “Ndis80211SSID” returns a binary value that needed to be converted to a string… quite a pain).
Returns SSID of currently active network adapters:
q: unique values of (concatenation of characters ((integer values of it) whose (it > 30))) of selects “Ndis80211SsId from MSNdis_80211_ServiceSetIdentifier” of wmi "root\wmi"
A: valinor
I am pretty excited about this. Thanks for the contribution Rad/Steve.
Well done Ben! I was kind of half hoping at the time of posting that you’d be able to translate the script into direct query which you did. The binary conversion was obviously an added challenge, but you’ve demonstrated a technique that could be used elswhere…
Nick, from my understanding of the driver class that is what you’re getting, but haven’t had the chance to test this extensively apart from connecting to our corporate WLAN.
hmmm…I have machines on the network, reporting into BigFix and are reporting various SSID’s using Ben’s WMI.
When I physically check the status of the Wireless NIC, it’s disabled (which is good), but not exactly what I wanted to see. I was trying to flag machines attempting to split tunnel…
I tried it here on a few computers and it returned the current SSID and then I disabled the network adapater and it returned nothing. On your computers does it show the last SSID? Is it specific to only a few computers?
That is interesting… my only guess is that it is a driver-specific implementation option and different drivers behave differently. I am using an Intel PRO/Wireless card that came with my Dell.
mgoodnow,
The wmi call returns the SSID characters one at a time in binary form and I had to translate them. On my computer there were a bunch of garbage characters I tried to strip out by restricting the characters as ascii characters 30 and above. Try this slight modification to return on only characters 32 through 126.
unique values of (concatenation of characters ((integer values of it) whose (it > 31 AND it < 127))) of selects “Ndis80211SsId from MSNdis_80211_ServiceSetIdentifier” of wmi “root\wmi”
Sorry for the security skewed post within the Systems management forum but this retrieved property has driven me to post for the first time!!
Is it now possible to implement a policy based upon a range of acceptable SSIDs? Would it allow our customers to enforce their users to connect ONLY to company AP’s whilst within the confines of their offices?
A real issue in shared offices is the common situation where users are connected to other companies APs etc, whilst plugged into the LAN.
The Security Policy Manager site has a Fixlet that disables wireless adapters. It should be pretty simple to use the information above to build in a list of “Approved SSIDs” and then set a policy to disable wireless for non-approved SSIDs.
Just want to thank you for highlighting a potential flaw in our build process, whereby Windows manages the wireless NIC before any 3rd party wireless management application gets installed and disables the device.