Hey everyone,
I'm looking for a way to block domain-joined computers from connecting to unsecured Wi-Fi networks using Group Policy Objects (GPO). Is there a method or setting available for this? Would love to know what options might be out there!
3 Answers
If you're looking for the specific steps, you can manage it from:
Computer Configuration
└ Policies
└ Windows Settings
└ Security Settings
└ Wireless Network (IEEE 802.11) Policies
Feel free to explore those settings!
We already had a GPO set up to auto-connect to our internal Wi-Fi. Right now, we can add settings to block ad-hoc and direct Wi-Fi connections as a temporary measure.
Not exactly. While you can create whitelists for specific SSIDs that machines can connect to, there isn't really an option to outright prevent connections to unsecured networks, as far as I know. It's more about managing what is permitted rather than blocking everything else directly.
I've seen it work similarly at a previous job. When connected to the company VPN, it allowed access to what was needed, but nothing else worked unless it was whitelisted by our firewall.
I was curious after reading this! You’re right; while you can block certain types of networks like ad-hoc ones or set up a whitelist, it seems GPO doesn’t have the capability to block unsecured networks outright. Maybe scheduling a task to auto-disconnect from unsecured networks could be a workaround? Just a thought!