(imported topic written by SteveC91)
Is there another way, outside of using the retrieved property for “Network Adapters”, to show systems that have wireless adapters? And, can I pull out wireless network configuration information, such as SSID, etc?
Thanks
(imported comment written by BenKus)
Hey Steve,
Try this:
exists (selects “NetConnectionID from Win32_NetworkAdapter where NetConnectionID = ‘Wireless Network Connection’ AND NetConnectionStatus = 2” of wmi)
This will tell you if the wireless connection is active, but I am not sure about the rest of the config details.
Note that the Security Policy Manager site allows you to disable the wireless connections (and other peripheral devices too) with a Fixlet.
Ben
(imported comment written by rad.ricka91)
Steve,
the following might get you on the right path, just try running this VBScript code. Unfortunately I don’t know how to instantiate one level down, as the instances of the MSNdis_80211_ServiceSetIdentifier class are the actual network cards and you need the Ndis80211SsId property (you’ll see what I mean when you run the code). Dirty job would be to parse it out.
Rad
On Error Resume Next
Set objWMI = GetObject(“winmgmts://./root\WMI”)
Set objInstances = objWMI.InstancesOf(“MSNdis_80211_ServiceSetIdentifier”,48)
For Each objInstance in objInstances
WScript.Echo objInstance.getObjectText_
Next
(imported comment written by rad.ricka91)
Bit more info - see here (don’t we just all love Ndis drivers?)
http://www.scriptinternals.com/new/us/support/Internal/WMI_MSNdis_80211_ServiceSetIdentifier.htm
(imported comment written by SteveC91)
Thanks Ben and Rad. I’m going to give both a try. I’ll take a stab at the parsing.
Steve
(imported comment written by BenKus)
Wait! No need for scripts. check this out!
Using the info Rad provided, I was able to pull this info out of the wmi using direct inspectors (but first I had to deal with the fact that “Ndis80211SSID” returns a binary value that needed to be converted to a string… quite a pain).
Returns SSID of currently active network adapters:
q: unique values of (concatenation of characters ((integer values of it) whose (it > 30))) of selects “Ndis80211SsId from MSNdis_80211_ServiceSetIdentifier” of wmi "root\wmi"
A: valinor
I am pretty excited about this. Thanks for the contribution Rad/Steve.
Ben
(imported comment written by rad.ricka91)
Well done Ben! I was kind of half hoping at the time of posting that you’d be able to translate the script into direct query which you did. The binary conversion was obviously an added challenge, but you’ve demonstrated a technique that could be used elswhere…
R.
(imported comment written by nberger91)
This is awesome ! Do you know whether it is possible to retrieve current ‘connected’ SSID of active adapter ?
(imported comment written by rad.ricka91)
Nick, from my understanding of the driver class that is what you’re getting, but haven’t had the chance to test this extensively apart from connecting to our corporate WLAN.
Rad
(imported comment written by nberger91)
hmmm…I have machines on the network, reporting into BigFix and are reporting various SSID’s using Ben’s WMI.
When I physically check the status of the Wireless NIC, it’s disabled (which is good), but not exactly what I wanted to see. I was trying to flag machines attempting to split tunnel…
(imported comment written by BenKus)
Hey Nick,
I tried it here on a few computers and it returned the current SSID and then I disabled the network adapater and it returned nothing. On your computers does it show the last SSID? Is it specific to only a few computers?
Ben
(imported comment written by nberger91)
Hey Ben
Looks like it is showing the last connected SSID not the current connected SSID.
The adapter is disabled, however BigFix is returning an SSID.
Hope this makes sense…
(imported comment written by SystemAdmin)
After adding Ben’s wmi check to the console - did anyone find the results returning strange characters after the SSID string in the console?
(imported comment written by BenKus)
Hey Nick,
That is interesting… my only guess is that it is a driver-specific implementation option and different drivers behave differently. I am using an Intel PRO/Wireless card that came with my Dell.
mgoodnow,
The wmi call returns the SSID characters one at a time in binary form and I had to translate them. On my computer there were a bunch of garbage characters I tried to strip out by restricting the characters as ascii characters 30 and above. Try this slight modification to return on only characters 32 through 126.
unique values of (concatenation of characters ((integer values of it) whose (it > 31 AND it < 127))) of selects “Ndis80211SsId from MSNdis_80211_ServiceSetIdentifier” of wmi “root\wmi”
Ben
(imported comment written by Mark_Fullbrook)
Sorry for the security skewed post within the Systems management forum but this retrieved property has driven me to post for the first time!!
Is it now possible to implement a policy based upon a range of acceptable SSIDs? Would it allow our customers to enforce their users to connect ONLY to company AP’s whilst within the confines of their offices?
A real issue in shared offices is the common situation where users are connected to other companies APs etc, whilst plugged into the LAN.
I guess this is a way around that?
(imported comment written by BenKus)
Hey Mark,
The Security Policy Manager site has a Fixlet that disables wireless adapters. It should be pretty simple to use the information above to build in a list of “Approved SSIDs” and then set a policy to disable wireless for non-approved SSIDs.
Ben
(imported comment written by nberger91)
Hey Ben
Just want to thank you for highlighting a potential flaw in our build process, whereby Windows manages the wireless NIC before any 3rd party wireless management application gets installed and disables the device.
Another ‘side benefit’ to using BES. Thanks !
(imported comment written by Richard_Betts)
I have found the follwing WMI lookup that seems to return the SSID of the current connected network.
selects (“SSID from WiFi_AdapterAssociationInfo”) of wmi “root\cimv2”