I have both an "Employee" and "Guest" SSID in all our branches. The "Employee" SSID does RADIUS auth for access, whereas the Guest SSID just redirects to a splash page. Management would like to prohibit all corporate-owned laptops and mobile phones from joining the Guest network. In the dashboard, I can just set per-SSID policies and deny access to the Guest, but I can't seem to find a way to do that in the API. I'm trying to write a script that will grab the wireless MACs from our inventory and MDM system and push them into all the wireless networks out there.
Definately do this via the dashboard.
First bring up a list of all the clients on the employee SSID, and select them all.
Then apply a group policy noting to block access to your guest SSID.
You should be finished in about half a dozen mouse clicks.
Yeah that's what I'm coming up with. I can get the MAC addresses easy enough, but there are 16 wireless networks (one per branch) and doing the copy-paste routine every time we add a laptop or mobile will get old quickly
At least I can use my script to gather the list of MAC addresses, and cut down on that bit of information gathering.