asked on
How to stop employees from connecting to a different SSID?
Hello Experts!
We have two SSIDs.
1. GUEST
This is for employees' cell phones, and visitors. No Internet access restrictions. Employees all know the security key.
2. PROD
This is for some production computers. Restrictions are set, which only allow access to certain websites.
We found employees quietly switch to GUEST when working on production computers to have fun online.
How can this be stopped?
Thanks!
ASKER
😄 sorry, we can't do that 😄
i would set up 2 different pc's one with guest account, and one with prod
that should be easy, since you have already one setup
ASKER
@nobus, sorry, I don't get your point. Can you explain a bit?
You could use a (computer) GPO to block that guest SSID.
when the accounts are on different pc's - you can protest them with different passwords
ASKER
right, I should look into GPO first; it's easier
ASKER
wow, very thoughtful!
If computer GPO is where the setting is configured it’s no issue if the user connects before login, or disables the NIC.
I’ve done it with GPO for literally thousands of devices this way with no issues.
ASKER
If AD can't be located, GPO will not apply, but the existing settings will stay and users can't make changes to them via editing local policies because they do not have admin right on their computers.
https://sdmsoftware.com/general-stuff/what-does-group-policy-do-when-it-cant-contact-a-dc/
GPOs already downloaded still apply.
After the first or second firing, it should stop.