road block

Block Computer from Connecting to Non-Domain Network

Q: How can I block a computer from connecting to other networks if the machine is connected to the domain network via a LAN?

A: If a machine is connected to your corporate network via a LAN, you might want to ensure that it can't also connect to another network using a wireless connection or even a second LAN connection. Edit Group Policy as follows to block other networks when connected to a domain network:

  1. Open the Group Policy Object (GPO) for the setting that's linked to the required domain or OU.
  2. Navigate to \Computer Configuration\Policies\Administrative Templates\Network\Windows Connection Manager.
  3. Double-click Prohibit connection to non-domain networks when connected to domain authenticated network, and select the Enabled setting.
  4. Click OK.
  5. Close the Group Policy Management Editor.

Refresh Group Policy on the computers that should receive the policy.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish