Выньте его из домена, переименуйте его и войдите назад в домене снова
Я могу придумать два возможных решения:
This is a classic use case for RADIUS authentication. You haven't provided a platform, so we can't give specific implementation details, but this generally is the solution of choice for corporate networks precisely because it allows you to define allowed user groups for network access, including Wifi. Coupled with PKI, it can even do so completely transparently to the end user - users or devices with the requisite certificates are allowed to connect, others are not.