Policy
Prohibit connection to non-domain networks when connected to domain authenticated network
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016
This policy setting prevents computers from connecting to both a domain based network and a non-domain based network at the same time. If this policy setting is enabled, the computer responds to automatic and manual network connection attempts based on the following circumstances: Automatic connection attempts - When the computer is already connected to a domain based network, all automatic connection attempts to non-domain networks are blocked. - When the computer is already connected to a non-domain based network, automatic connection attempts to domain based networks are blocked. Manual connection attempts - When the computer is already connected to either a non-domain based network or a domain based network over media other than Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing network connection is disconnected and the manual connection is allowed. - When the computer is already connected to either a non-domain based network or a domain based network over Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing Ethernet connection is maintained and the manual connection attempt is blocked. If this policy setting is not configured or is disabled, computers are allowed to connect simultaneously to both domain and non-domain networks.
Registry values
How enabled and disabled states update the registry.
| Registry location | Type | Enabled value | Disabled value |
|---|---|---|---|
| HKLM\Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy\fBlockNonDomain | REG_DWORD | 1 | 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.
Other policies in this category
Explore related policies at the same level.
- ComputerDisable power management in connected standby modeAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerEnable Windows to soft-disconnect a computer from a networkAt least Windows Server 2016, Windows 10 Version 1709
- ComputerMinimize the number of simultaneous connections to the Internet or a Windows DomainAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerProhibit connection to roaming Mobile Broadband networksAt least Windows Server 2012, Windows 8 or Windows RT