Weekend Scripter: Use PowerShell to Manage Auto-Connect Wireless Networks

Summary: Use Windows PowerShell to manage auto-connect wireless networks in Windows 8.

Microsoft Scripting Guy, Ed Wilson, is here. Today I am going to continue my blog about working with auto-connect wireless networks in Windows 8. In yesterday’s blog post, Weekend Scripter: Use PowerShell to Find Auto-Connect Wireless Networks, I talked about the process of discovering wireless auto-connect networks.

Today I want to remove all but the specific networks that I desire to keep. There are, for my laptop, two networks I wish to retain: the MrEd wireless network (my home wireless network) and the Nokia Lumia 920 network (the network sharing feature on the Scripting Wife’s Windows 8 phone that I use to gain wireless Internet access when we are traveling). Everything else should go. 

Checking the files

The XML files that are used to configure the wireless connection profiles are stored in the ProgramData\Microsoft\WlanSvc\Profiles\Interfaces folder. Each network adapter identifies itself with a GUID, and there is a folder for each interface. Each file also identifies itself with a GUID. The folder is shown in the image that follows.

Image of menu

A folder full of GUID-named XML files is not the most friendly thing to attempt to review. This is where Windows PowerShell comes into play because Windows PowerShell makes working with XML very easy.

Modify yesterday’s script

I decided to modify yesterday’s script because it already found the files and produced a nice object with which to work. The first thing I did was create an array of the networks I want to keep. I added this command near the top of the script, as shown here:

$SafeNetworks = “Mred”, “NOKIA Lumia 920_3303”

The next thing I did was add a property to the object (the complete path to the XML file) because I will need it when I get ready to delete the files. This is shown here:

New-Object pscustomobject -Property @{

   ‘name’ = $c.WLANProfile.name;

   ‘mode’ = $c.WLANProfile.connectionMode;

   ‘ssid’ = $c.WLANProfile.SSIDConfig.SSID.hex;

   ‘path’ = $_.fullname}

Now I need to determine if the network name is in my $safeNetworks array. I use the –notcontains operator to do this. If the network is not in my $safeNetworks array, I use the Remove-Item cmdlet to delete the file. But for testing, I add in the –whatif parameter so I can work out any bugs in my code. Here is that portion of the script:

Foreach-object {

     If($SafeNetworks -notcontains $_.Name)

        { Remove-Item $_.path -whatif }

And that is basically it. So I give it a whirl to see what happens. Here are the results:

Image of command output

Well, it is time to remove the –whatif and give it a go.

Sweet. It looks like it worked. So I open yesterday’s script to make sure. It reports only the Nokia and the MrEd network. I look back in the folder, and there are only two XML files there.

Image of menu

OK, one more check…what does Netsh say? If you are like me, and you keep your wireless adapter disabled when you are connected to a wired Ethernet connection, it will say that there are no wireless interfaces on the system. This is shown here:

PS C:\> netsh wlan show profiles

There is no wireless interface on the system.

So I enable my wireless adapter and run the command a second time. This time it reports that I only have two wireless profiles:

PS C:\> netsh wlan show profiles


Profiles on interface Wi-Fi:


Group policy profiles (read only)




User profiles


    All User Profile     : NOKIA Lumia 920_3303

    All User Profile     : MrEd

So it works. Groovy. I think I will created a scheduled task, and run my script on a weekly basis. (For more information about using the Task Scheduler to run a Windows PowerShell script, see my blog post Weekend Scripter: Use the Windows Task Scheduler to Run a Windows PowerShell Script.)

Here is the complete script:


$GUID = (Get-NetAdapter -Name ‘wi-fi’).interfaceGUID

$path = “C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces\$guid”

$SafeNetworks = “Mred”, “NOKIA Lumia 920_3303”

Get-ChildItem -Path $path -Recurse |

Foreach-Object {

   $c = Get-Content -path $_.fullname

   New-Object pscustomobject -Property @{

   ‘name’ = $c.WLANProfile.name;

   ‘mode’ = $c.WLANProfile.connectionMode;

   ‘ssid’ = $c.WLANProfile.SSIDConfig.SSID.hex;

   ‘path’ = $_.fullname} |

   Foreach-object {

     If($SafeNetworks -notcontains $_.Name)

        { Remove-Item $_.path } }


I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy 

Comments (2)

  1. JPat says:

    Older post but figured I’d give some feedback; this worked nicely on my Windows 8.1 machine but it required a restart to remove the profiles not listed in the $SafeNetworks – the files were deleted but still visible via the netsh command prior to restart.

  2. tom says:

    Hi Scripting Guy,
    been spending the last couple of hours googling for a way to achieve the following:
    WLAN is WPA2-Enterprise / AES / PEAP
    in –> properties –> tab:security –> advanced settings –> tab: 802.1x settings –> authentication mode: user (wuha thats a long one)
    one can save credentials for wlan profile in advance – avoiding the prompt for these credentials upon first connection attempt.
    now thats not the big deal – the big deal here is the intricate difference that when providing the credentials in advance they seem to be cached for all users. other users will not be asked again for these credentials after logging in.

    however when one waits to get prompted upon connecting for the first time – these credentials are only cached for the current user.

    "unfortunately" these credentials don’t appear in the xml profile file like i.e. keyMaterial for passphrases..

    how can I use the allmighty Power of Powershell to import/export that user/pwd pair?