Training
Learning path
Configure networking on Windows clients - Training
MD-100 Configure networking on Windows clients
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Tip
This CSP contains ADMX-backed policies which require a special SyncML format to enable or disable. You must specify the data type in the SyncML as <Format>chr</Format>
. For details, see Understanding ADMX-backed policies.
The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.
Scope | Editions | Applicable OS |
---|---|---|
✅ Device ❌ User |
✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 10, version 1803 [10.0.17134] and later |
./Device/Vendor/MSFT/Policy/Config/WindowsConnectionManager/ProhitConnectionToNonDomainNetworksWhenConnectedToDomainAuthenticatedNetwork
This policy setting prevents computers from connecting to both a domain based network and a non-domain based network at the same time.
Automatic connection attempts
When the computer is already connected to a domain based network, all automatic connection attempts to non-domain networks are blocked.
When the computer is already connected to a non-domain based network, automatic connection attempts to domain based networks are blocked.
Manual connection attempts
When the computer is already connected to either a non-domain based network or a domain based network over media other than Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing network connection is disconnected and the manual connection is allowed.
When the computer is already connected to either a non-domain based network or a domain based network over Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing Ethernet connection is maintained and the manual connection attempt is blocked.
If this policy setting isn't configured or is disabled, computers are allowed to connect simultaneously to both domain and non-domain networks.
Description framework properties:
Property name | Property value |
---|---|
Format | chr (string) |
Access Type | Add, Delete, Get, Replace |
Tip
This is an ADMX-backed policy and requires SyncML format for configuration. For an example of SyncML format, refer to Enabling a policy.
ADMX mapping:
Name | Value |
---|---|
Name | WCM_BlockNonDomain |
Friendly Name | Prohibit connection to non-domain networks when connected to domain authenticated network |
Location | Computer Configuration |
Path | Network > Windows Connection Manager |
Registry Key Name | Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy |
Registry Value Name | fBlockNonDomain |
ADMX File Name | WCM.admx |
Training
Learning path
Configure networking on Windows clients - Training
MD-100 Configure networking on Windows clients
Documentation
Learn more about the WindowsPowerShell Area in Policy CSP.
Learn more about the Wifi Area in Policy CSP.
Learn more about the ADMX_DeviceSetup Area in Policy CSP.