This policy setting allows the configuration of wireless settings using Windows Connect Now (WCN). The WCN Registrar enables the discovery and configuration of devices over Ethernet (UPnP) over in-band 802.11 Wi-Fi through the Windows Portable Device API (WPD) and via USB Flash drives. Additional options are available to allow discovery and configuration over a specific medium. The recommended state for this setting is: Disabled. Rationale: This setting enhances the security of the environment and reduces the overall risk exposure related to user configuration of wireless settings. Impact: WCN operations are disabled over all media.
Solution
To establish the recommended configuration, set the following Device Configuration Policy to Disabled: To access the Device Configuration Policy from the Intune Home page: Click Devices Click Configuration profiles Click Create profile Select the platform (Windows 10 and later) Select the profile (Administrative Templates) Click Create Enter a Name Click Next Configure the following Setting Path: Computer Configuration\Network\Windows Connect Now Setting Name: Configuration of wireless settings using Windows Connect Now Configuration: Disabled Select OK Continue through the Wizard to complete the creation of the profile (profile assignments, applicability etc.) Note: More than one configuration setting from each of the Configuration profiles (ex: Administrative Templates, Custom etc.) can be added to each Device Configuration Policy. Default Value: WCN operations are enabled and allowed over all media.