We don't want to wipe out their saved home network SSIDs etc. We don't want to restrict the users to connecting to only a single SSID. Then you don't have to worry about removing networks you don't like, it will all happen automatically. I don't know how to do it in the xml but someone here probably will. With both of these settings in place they will only be able to connect to the networks stipulated in your config. Then where you would make a new policy for Windows Vista or later, in the Network Permissions tab, you need the options ticked for 'Prevent connections to ad-hoc networks' and 'Prevent connections to infrastructure networks'. IF you want them to be restricted to only one SSID, you need to implement the equivalent of (but in XML format):Ĭomputer Configuration > Windows Settings > Security Settings > Wireless Networks (802.11) Policies That software has saved my team thousands of hours of work over the past few years. It's a quick and dirty script, but I can put it up here if it would help.Īs always, I would strongly recommend PDQ software for this and sooo many other uses. but its painfully slow because of the bandwidth limits we put on the guest wifi.Īnyway, the problem got bad enough this week that I just made a PDQ Inventory collection checking for our guest SSID in the registry and if it find it, it automatically kicks off a PDQ Deploy package that runs the netsh command to delete the wifi profile and a powershell script to remove it from the registry. Our guest wifi is segregated from the rest of our networks, for obvious reasons, and so when they decide to hop on the guest wifi, the laptop tries to connect to DirectAccess which does work. We've had the problem where some users (for god knows what reason) connect their work laptop to our guest wifi even though every laptop is configured for our office wifi already. If you did a computer policy it would not require any user to be logged in, nor would it prompt UAC because GPOs get executed with elevated privileges.
0 Comments
Leave a Reply. |