XPpro+SP2: Rotate WEP keys remotely?

Can anybody tell me if it's possible to rotate the WEP keys remotely
rather then having to visit half a dozen PCs whenever the WEP keys
change?

Ideally by a registry change, although I'm willing to do some scripting
if needed.

Can anybody point me in the right direction?

--
A cheap shot is a terrible thing to waste.

"DevilsPGD" wrote:
> Can anybody tell me if it's possible to rotate the WEP keys remotely
> rather then having to visit half a dozen PCs whenever the WEP keys
> change?

Half a dozen is probably not as many as needed to justify
deployment of WPA with a central server,
but have you considered this?

> Ideally by a registry change, although I'm willing to do some scripting
> if needed.

Maybe copying a registry record for configured AP from one
machine to other will work, though I haven't tried.
Under the key
HKLM\SOFTWARE\Microsoft\WZCSVC\Parameters\Interfac es\{guid}
find value named Static#xxxx for your preferred connection and copy
it to another machine - {guid} will be different there!

--PA

In message <E8E083FE-3BEF-40BF-A9CB-(E-Mail Removed)> "Pavel
A." <(E-Mail Removed)> wrote:

>"DevilsPGD" wrote:
>> Can anybody tell me if it's possible to rotate the WEP keys remotely
>> rather then having to visit half a dozen PCs whenever the WEP keys
>> change?
>
>Half a dozen is probably not as many as needed to justify
>deployment of WPA with a central server,
>but have you considered this?

No, mostly because of the hassle -- It sounds like something that really
should be possible to configure remotely, either with a group policy or
login script, but I couldn't find anything online that would help.

Currently I have a couple 802.11g APs that we use, plus a backup 802.11b
AP which runs on a public SSID (without WEP) and has a captive portal
(think like a hotspot) that gives the new WEP key to authenticated users
over HTTPS, or allows visitors to enter the temporary password to get
online (still without WEP)

It gets the job done, but I like lazyness

>> Ideally by a registry change, although I'm willing to do some scripting
>> if needed.
>
>Maybe copying a registry record for configured AP from one
>machine to other will work, though I haven't tried.
>Under the key
>HKLM\SOFTWARE\Microsoft\WZCSVC\Parameters\Interfa ces\{guid}
>find value named Static#xxxx for your preferred connection and copy
>it to another machine - {guid} will be different there!

With the GUID being different it sounds like more work then is required,
but I'll consider it if I get annoyed enough with reconfiguring PCs.

--
Boom. Boom boom boom. Boom boom. BOOM. Have a nice day.
-- Susan Ivanova, B5

I am actually facing the same Problem as you,trying to find a way to rotate
the wep keys and/or WPA-PSK remotely.I was thinking with The GPO but seems
that windows server 2003 is not able to set policy for WPA-PSK.
Is there a way to programmatically distribute the new wep key or new WPA-PSK
to a client software residing in the user laptop(assuming that would be made
in a secure channel like through a backup AP and Tunelling or secure
Email)and set the new values of WEP or WPA PSK automatically while being as
much transparent for the user and possibly without user intervention.
I heard WMI is able to do that or the API WRAPI in C but dont know if so
succeeded in doing that or how to do that
Any help would be appreciated

"DevilsPGD" wrote:

> In message <E8E083FE-3BEF-40BF-A9CB-(E-Mail Removed)> "Pavel
> A." <(E-Mail Removed)> wrote:
>
> >"DevilsPGD" wrote:
> >> Can anybody tell me if it's possible to rotate the WEP keys remotely
> >> rather then having to visit half a dozen PCs whenever the WEP keys
> >> change?
> >
> >Half a dozen is probably not as many as needed to justify
> >deployment of WPA with a central server,
> >but have you considered this?
>
> No, mostly because of the hassle -- It sounds like something that really
> should be possible to configure remotely, either with a group policy or
> login script, but I couldn't find anything online that would help.
>
> Currently I have a couple 802.11g APs that we use, plus a backup 802.11b
> AP which runs on a public SSID (without WEP) and has a captive portal
> (think like a hotspot) that gives the new WEP key to authenticated users
> over HTTPS, or allows visitors to enter the temporary password to get
> online (still without WEP)
>
> It gets the job done, but I like lazyness
>
> >> Ideally by a registry change, although I'm willing to do some scripting
> >> if needed.
> >
> >Maybe copying a registry record for configured AP from one
> >machine to other will work, though I haven't tried.
> >Under the key
> >HKLM\SOFTWARE\Microsoft\WZCSVC\Parameters\Interfa ces\{guid}
> >find value named Static#xxxx for your preferred connection and copy
> >it to another machine - {guid} will be different there!
>
> With the GUID being different it sounds like more work then is required,
> but I'll consider it if I get annoyed enough with reconfiguring PCs.
>
> --
> Boom. Boom boom boom. Boom boom. BOOM. Have a nice day.
> -- Susan Ivanova, B5
>