Q: How can I block a computer from connecting to other networks if the machine is connected to the domain network via a LAN?
A: If a machine is connected to your corporate network via a LAN, you might want to ensure that it can't also connect to another network using a wireless connection or even a second LAN connection. Edit Group Policy as follows to block other networks when connected to a domain network:
- Open the Group Policy Object (GPO) for the setting that's linked to the required domain or OU.
- Navigate to \Computer Configuration\Policies\Administrative Templates\Network\Windows Connection Manager.
- Double-click Prohibit connection to non-domain networks when connected to domain authenticated network, and select the Enabled setting.
- Click OK.
- Close the Group Policy Management Editor.
Refresh Group Policy on the computers that should receive the policy.