Expand Minimize


When set, the OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM object identifier (OID) requests that the miniport driver set the Extensible Station (ExtSTA) msDot11EnabledMulticastCipherAlgo management information base (MIB) object to the specified data.

When queried, this OID requests that the miniport driver return the value of the msDot11EnabledMulticastCipherAlgo MIB object.

The msDot11EnabledMulticastCipherAlgo MIB object specifies the list of multicast cipher algorithms that the 802.11 station enables for use when connecting to a basic service set (BSS) network. After OID_DOT11_CONNECT_REQUEST is set, the 802.11 station will attempt to connect to a BSS whose 802.11 Beacon or Probe Response frames specify support for a multicast cipher algorithm defined by an entry within the msDot11EnabledMulticastCipherAlgo MIB object.

Note  Support for this OID is mandatory if the 802.11 station supports any multicast cipher algorithms. The miniport driver returns a list of supported multicast cipher algorithms when OID_DOT11_SUPPORTED_MULTICAST_ALGORITHM_PAIR is queried.

The data type for this OID is the DOT11_CIPHER_ALGORITHM_LIST structure.

When OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM is set, the miniport driver must do the following:

  • If the uNumOfEntries member of the DOT11_CIPHER_ALGORITHM_LIST structure is set to zero, fail the set request by returning NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function. The msDot11EnabledMulticastCipherAlgo MIB object must always contain at least one entry.

  • If the 802.11 station does not support a specified multicast cipher algorithm, return NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.

  • If the 802.11 station does not support any of the specified multicast cipher algorithms for any of the enabled authentication algorithms defined by the ExtSTA msDot11EnabledAuthAlgo MIB object, return NDIS_STATUS_INVALID_DATA from its MiniportOidRequest function.

    For more information about the msDot11EnabledAuthAlgo MIB object, see OID_DOT11_ENABLED_AUTHENTICATION_ALGORITHM.

  • Enable the specified multicast cipher algorithms for any enabled authentication algorithm that supports the cipher.

  • Disable all supported multicast cipher algorithms that are not in the specified list.

  • Ensure that the value of the InformationBufferLength member of the MiniportOidRequest function's OidRequest parameter is at least the value returned by the following formula:


When OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM is queried, the miniport driver must do the following:

  • If this OID was previously set, returns the list of multicast cipher algorithms in the same order as they were set.

  • If OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM was not previously set, returns its default multicast ciphers in the list.

  • The miniport driver cannot return an empty list of multicast cipher algorithms. If the 802.11 station has not enabled any multicast cipher algorithms, the miniport driver must return a list containing DOT11_CIPHER_ALGO_NONE.

The default value for the msDot11EnabledMulticastCipherAlgo MIB object is the list of multicast ciphers supported by the enabled authentication algorithms specified by the msDot11EnabledAuthAlgo MIB object. The default multicast cipher list must be ordered by preference. For more information about cipher preference, see DOT11_CIPHER_ALGORITHM.

The miniport driver must set the msDot11EnabledMulticastCipherAlgo MIB object to the default multicast cipher if the following occurs:

The following points describe set requests of OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM by the operating system:

  • The operating system might not always issue a set request of OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM. In this case, the 802.11 station should use the default multicast cipher during any connection or roam operations. For more information about these operations, see Connection Operations and Roaming Operations.

  • If the operating system issues a set request of OID_DOT11_ENABLED_MULTICAST_CIPHER_ALGORITHM, it will precede a set request of OID_DOT11_ENABLED_UNICAST_CIPHER_ALGORITHM.

Note  Beginning in Windows 7, the operating system enables only one cipher algorithm at a time.



Available in Windows Vista and later versions of the Windows operating systems.


Windot11.h (include Ndis.h)

See also

Native 802.11 Wireless LAN OIDs



Send comments about this topic to Microsoft

© 2015 Microsoft