Windows Server 2008

Creating a Wireless Network Group Policy, Part 1

One of the things that always seems weird about wireless networking is that companies typically go to great lengths to make sure that their wireless networks are secure, but often times do nothing to ensure that employees are actually connecting to the correct network. In fact, I recently received an e-mail from someone who had worked diligently to make sure that their network was secure. One of the users on their network ended up with a rather serious malware infections. An inspection of the users browser cache revealed that the user had been surfing adult websites. At first, the administrator was a little bit confused because software was in place to prevent access to these types of sites. Further investigation revealed that the user was circumventing network security by simply attaching to an unsecured wireless network down the street. Fortunately, it is possible to prevent this type of behavior by setting some group policies. In this article, I will show you how.

How is it Possible?

The first time that I ever heard about wireless group policies, the concept kind of messed with my mind. After all, it seems a little bit strange to be able to set a group policy that regulates wireless access when the wireless access point is not even aware of your Windows domain, and is certainly not subject to any group policy settings.

The reason why group policies can be used to regulate wireless access, is that they can be applied to the end users PC. As such, the group policy does not control the access point, but rather how users PCs connect to the access point.

Sponsored Content

Maximize Value from Microsoft Defender

In this ebook, you’ll learn why Red Canary’s platform and expertise bring you the highest possible value from your Microsoft Defender for Endpoint investment, deployment, or migration.

Relevant Group Policy Settings

It has actually been possible to regulate wireless connectivity for a group policy since Windows Server 2003. Unfortunately though, group policy settings related to wireless access could only be enforced on client machines that were running Windows XP. When Microsoft created Windows Server 2008, they extended the wireless network related group policy settings, and allowed those settings to be applied to both Windows XP and to Windows Vista.

To create a wireless security policy, open the Group Policy Management Editor (GPME.MSC). When prompted, choose the group policy that you want to edit, and click OK. Now, navigate through the console tree to Computer Configuration | Policies | Windows Settings | Security Settings | Wireless Network (IEEE 802.11) Policies. Be careful to choose the correct container, because as you can see in Figure A, there is a wired and a wireless network policy, and it’s easy to accidentally choose the wrong one.

Figure A Choose the Wireless Network (IEEE 802.11) Policies container.

One of the things that you might have noticed in the figure is that there are no default settings related to the wireless network policy. The reason for this is that Microsoft requires you to maintain separate policies for Windows XP and Windows Vista clients. If you right-click on the Wireless Network (IEEE 802.11) Policies container, you will see a shortcut menu that gives you an option to create either a new Windows Vista policy or a new Windows XP policy. For the sake of demonstration, choose the Create A New Windows Vista Policy option from the shortcut menu. When you do, Windows will display the dialog box that is shown in Figure B.

Figure B This is what it looks like when you create a new Windows Vista policy.

As you can see in the figure, this dialog box requires you to enter a name for the policy that you’re creating. I would also recommend that you fill in the optional Description field as a way of documenting what the new policy does.

The lower portion of the dialog box allows you to enter the names of the preferred wireless networks in the order that you want clients to attempt to connect to them. Simply click the Add button, and you will be prompted as to whether you want to add an ad hoc network or an infrastructure network. Assuming that you choose the option to add an infrastructure network, there are a number of associated security settings that you can include in the policy. I will show you the settings in the next part of this article series.


In this article, I have explained why it is important to control how clients connect to wireless networks. I also began showing you how to create a wireless network policy. I will conclude the process in the second part of this article series.

Got a question? Post it on our Windows Server 2008 forums!

Related Topics:

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by:

Office 365 Coexistence for Mergers & Acquisitions: Don’t Panic! Make it SimpleLive Webinar on Tuesday, November 16, 2021 @ 1 pm ET

In this session, Microsoft MVPs Steve Goodman and Mike Weaver, and tenant migration expert Rich Dean, will cover the four most common steps toward Office 365 coexistence and explain the simplest route to project success.

  • Directory Sync/GAL Sync – How to prepare for access and awareness
  • Calendar Sharing – How to retrieve a user’s shared calendar, or a room’s free time
  • Email Routing – How to guarantee email is routed to the active mailbox before and after migration
  • Domain Sharing – How to accommodate both original and new SMTP domains at every stage

Aimed at IT Admins, Infrastructure Engineers and Project Managers, this session outlines both technical and project management considerations – giving you a great head start when faced with a tenant migration.the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

Sponsored by: