Connect
Ask Community
Ask the community
Ask Community
  • Home
  • Windows
  • Strategy for getting a lost/stolen laptop online to receive lock command

Strategy for getting a lost/stolen laptop online to receive lock commandSolved

Profile photo of teglon99
teglon99
Participant
Discussion
Hexnode UEM
3 weeks ago Jan 20, 2026

I am just wondering what people’s strategies are for allowing a lost or stolen laptop to get online so the lost/lock command can be recieved? My thoughts are:

  1. Create a wifi policy with a specific SSID/pwrd that can set up to enable a recovered laptop to get back online so the password can be changed.
  2. Similar to above, a USB:NIC adapter to plug in and get it back online
  3. A customer policy or script that creates a guest acccount on each laptop, with no password, that can be accessed to allow the user to connect to a network to recieve the lock instructions

Is there an easier way to do this? What is the general best practices to get the lost or stolen laptop back online to recieve instructions from the MDM?

Thanks!

 

topic view count 103 Views

Tags

Customization (15) macOS (461) Remote Access (33) Remote Actions (18) Scripts (87) Windows (314)
Reply

Replies (1)

Marked SolutionPending Review
Profile photo of ace_98 Novice image
ace_98
Participant
3 weeks ago Jan 20, 2026
Marked SolutionPending Review

Fellow customer here. We have run into this exact question more than once.

Short version: there is no reliable way to force a lost or stolen laptop online. Once it leaves your known networks, you are basically waiting for it to touch the internet again on its own.

Most of the success we have had comes from what is already on the device before it goes missing.

If the laptop already knows a few networks (office Wi-Fi, home Wi-Fi, maybe a hotspot the user commonly uses), that is honestly your best bet. When it powers on somewhere familiar, it will auto-connect and immediately pull down the lock or wipe command. Boring answer, but it works more often than anything clever we tried.

We also stopped trying to “wait” for the device to come online before acting. The moment something is reported lost, we mark it lost and fire the lock right away. If it comes online next week or next month, the command just executes then.

On your specific ideas:

The special SSID policy sounds good on paper, but in reality we found it did not help much. A stolen device almost never ends up near that SSID, and it adds a lot of setup for very little payoff.

USB to Ethernet adapters are actually useful, but only after the device is physically recovered and back with IT. We use this sometimes when Wi-Fi is broken or the device is locked and just needs to check in one last time.

The guest account with no password is something we decided against pretty quickly. It weakens your baseline all the time, and if the device is actually stolen, you have basically given the thief a usable session. The odds of them politely connecting to Wi-Fi so MDM can lock the device are pretty slim.

At the end of the day, our mindset shifted a bit. We stopped treating “get it back online” as the primary goal and focused more on:

  • disk encryption everywhere
  • fast lock or wipe on lost mode
  • clear lock-screen message with contact details

If the device comes back online, great. If it never does, at least the data is protected.

Curious to see what others here are doing, but this approach has kept us sane so far.

Load more
Save
Related Topics

Leaderboard

Profile photo of bram Pro image
bram
1840 pts
Profile photo of timo-liam Veteran image
timo-liam
1280 pts
Profile photo of leo_scott Novice image
leo_scott
1177 pts
Profile photo of eliiza Novice image
eliza
1097 pts
Profile photo of boris Veteran image
boris
1089 pts
View all

Popular Tags

ABM (51)
Android (441)
iOS (350)
macOS (461)
Windows (314)
Apple TV (32)
App Management (341)
Enrollment (98)
Location (27)
Kiosk (209)
Scripts (87)
ADE (47)
OS Updates (77)
Android Enterprise (132)
View all