How to Assign Users their Proper Wireless Connection Using Intune
Most organizations have more than one wireless SSID for their users. For example, a school might designate separate SSIDs for staff and students. Similarly, a business could have distinct SSIDs for regular employees and those with privileged access. These SSIDs are then paired with specific access policies, managed either through the native wireless manager or external tools like SD-WAN solutions. In our school scenario, the student's SSID might provide direct internet access, whereas the staff's SSID offers connectivity to internal resources like printers. For IT teams or personnel requiring complete network access, there's typically an unrestricted SSID in place.
With Intune, you can designate a specific wireless SSID for users. Additionally, Intune facilitates the use of WPA2-Personal wireless configurations, automatically supplying computers with the pre-shared key. This eliminates the need for users to manually enter it and allows for the implementation of intricate passwords of up to 64 characters, bolstering security. With this setup, you can also keep SSIDs hidden so that the visible SSID on your premises is for the guest network.
To configure wireless policies using the Microsoft Intune Admin Center go to Devices > Configuration profiles and click Create Profile. Select Windows 10 and later as your Platform and WiFi Templates as your Profile. Name your profile and then configure the settings as shown below. Here I have enabled “Connect automatically when in range” and “Connect to this network even when it is not broadcasting its SSID.”
Once configured, assign the profile to your designated groups. When onboarding new computers using Autopilot or a package you will need to manually connect the Windows device to a wireless SSID. Once Intune delivers WiFi profile, the computer will possess the necessary SSID details to connect automatically to an assigned SSID depending on the user that signs in.