We currently have an internal wifi for our notebooks to use. We are currently going to setup a public wifi and we need to block our existing work notebooks from connecting to it. We currently use a network policy server to control our existing internal wifi as we use certificates. If you do not have the certificate based on the RADIUS policy your notebook will not connect to the internal wifi.
For the public wifi, we would like to create a rule that says if your PC is joined to the domain deny access but if your pc is not joined to a domain such as a personal computer, you may join the public wifi.
If this can be accomplished, what is the best way to set this up.