Skip to content

Instantly share code, notes, and snippets.

@dennyhalim

dennyhalim/randomized-mac-addresses-options.md

Forked from SystemJargon/randomized-mac-addresses-options.md
Created March 21, 2025 02:52
Show Gist options
  • Save dennyhalim/06519baa0f121afc5e4ce72b306b99fe to your computer and use it in GitHub Desktop.
Save dennyhalim/06519baa0f121afc5e4ce72b306b99fe to your computer and use it in GitHub Desktop.
Download ZIP
Randomized MAC addresses
Raw
randomized-mac-addresses-options.md

Randomized MAC addresses

Most modern client devices may now support, random hardware address aka randomized mac addresses.

From an I.T op perspective, this may cause DHCP pool exhaustion issues.

From a user perspective, they may not know what issues this may cause, besides a "I can't connect to the network anymore" issue.

This maybe of interest too, https://github.com/SystemJargon/mac-changer

Mitigation:

Lowering the DCHP lease time might mitigate this issue to some degree.

Adopt FastRoaming or even OpenRoaming (the latter being part of Cisco DNA Spaces, now adopted as an industry standard for seamless Wi-Fi onboarding)

Implement policies on company or owned devices, i.e. to turn off MAC randomization for the company-owned devices or BYOD devices if the company policy allows it.

Ask users to turn off MAC randomization on their devices where and if possible.

Powershell Script to disable randomize mac address feature


$WiFi = Get-NetAdapter -Name "Wi-Fi"

$RegPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"

($Key = Get-ItemProperty -Path "$RegPath\*" -Name "AdapterModel") 2> $Null

If ($Key.AdapterModel -eq $WiFi.InterfaceDescription){

New-ItemProperty -Path "$RegPath\$($Key.PSChildName)" -Name "NetworkAddress" -Value $($WiFi.MacAddress) -PropertyType String -Force}

Windows Registry Edit to disable randomize mac address feature


1. Win+R, run regedit.exe

2. Locate the network adapter configuration that was configured with the random mac address feature in
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
The network adapter maker's name can suggest the proper subfolder of {4D36E972-E325-11CE-BFC1-08002BE10318}.

3. Right-click on the folder that matches your device. For example, if the "0001" folder matches your device, right-click on the folder. Select New → String Value. Name the new value "NetworkAddress".

4. Double-click the new Network Address entry. In the "Value data" field, enter your new MAC address. MAC addresses are 12-digit values, and should be entered without any dashes or colons. For example, if you want to make the MAC address "2A:1B:4C:3D:6E:5F", you would enter "2A1B4C3D6E5F"

5. Restart the computer. You will notice in the wifi adapter advanced configuration settings that the random mac address option is greyed out.

References

https://support.microsoft.com/en-us/windows/how-to-use-random-hardware-addresses-in-windows-ac58de34-35fc-31ff-c650-823fc48eb1bc

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Meraki_and_iOS_14_MAC_Address_Randomization

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment