Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Require Admin rights to create Ad Hoc network Network
In some cases, you may not want your OS X users to have the ability to create an Ad Hoc network. This can cause all kinds of issues if they are broadcasting their own SSIDs through out your network. After some extensive Google searching and hitting up some mailing lists, I was able to configure the AirPort daemon to require Administrative privileges to create an Ad Hoc network.

This is not widely documented, and I have only tested it in 10.5. I also rebooted my machine to restart all daemons after running the command. If you try running it in 10.4, you will have to test it as I do not have a Tiger machine around me to test this out.

Open up Terminal and run the following command:
sudo /usr/libexec/airportd en1 ‑ibss_admin 1
To undo this, simply rerun the code, but replace the ending 1 with a 0, and then all users will be able to create Ad Hoc networks.
    •    
  • Currently 1.80 / 5
  You rated: 1 / 5 (10 votes cast)
 
[10,394 views]  

Require Admin rights to create Ad Hoc network | 6 comments | Create New Account
Click here to return to the 'Require Admin rights to create Ad Hoc network' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Require Admin rights to create Ad Hoc network
Authored by: brett_x on Jan 21, '09 08:50:05AM
Good tip. I might add to that... You can also require admin password to control Airport under Network system preferences. Just click on your Airport, then click "Advanced". There's a checkbox for it. The difference is that you can't even join Airport networks if you select this.
The really nice thing is that this option is location specific. So, for laptops, if you don't have any reason end users should be changing or joining Airport networks while in the office, you can set up an "Office Network" location and check that box. When they are on the road, they can have an "Other Networks" location to choose that will allow them to join Airport networks. Just be aware that they have to log out or reboot after changing network locations for that to work.

[ Reply to This | # ]
Require Admin rights to create Ad Hoc network
Authored by: Volt on Jan 21, '09 09:53:22AM

In Tiger if you go to your Network System Preferences and configure your Airport connection, you can do this from the GUI I believe.

When you go to configure Airport, click "Options". Under "Require administrator password to:" there is a checkbox that says "Create Computer-to-Computer networks". I'm guessing there should be a similar processes in Leopard as well.



[ Reply to This | # ]
Require Admin rights to create Ad Hoc network
Authored by: tom larkin on Jan 21, '09 11:44:53AM

The command is perfect for a network policy or to send it out over ARD Admin via send Unix Command. I did not have this setting flagged in my image and unfortunately OS X group policy from OS X Server is not that specific at the moment, and it has to be done at the client level.



[ Reply to This | # ]
Require Admin rights to create Ad Hoc network
Authored by: mauricev on Jan 21, '09 03:41:18PM

Is there a command-line mechanism to create an ad hoc network in the first place? It almost sounds like this command itself could do it, but there are no switches mentioned in the man page and it doesn't complain with any hints if I pass bogus ones.



[ Reply to This | # ]
Require Admin rights to create Ad Hoc network
Authored by: mauricev on Jan 21, '09 04:14:23PM

I found it. What I'm looking for is the Linux equivalent of the iwconfig command.

The command is
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport

and the --help switch reveals that --ibss= switch should work to create an adhoc network.



[ Reply to This | # ]
ad hoc network
Authored by: tom larkin on Jan 22, '09 06:53:22AM
I found it. What I'm looking for is the Linux equivalent of the iwconfig command. The command is /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport and the --help switch reveals that --ibss= switch should work to create an adhoc network.
I have used that binary in conjunction with /usr/sbin/networksetup in the past to configure some things on our Mac clients. however, I strongly suggest creating a symbolic link to the ariport binary as that path is very very long, ha ha.

[ Reply to This | # ]