iamtheky Posted December 4, 2008 Posted December 4, 2008 I am disabling usb storage devices in my install.I first set the registry entry to 4 via a reg file. - blocking all previously discovered devicesI then explicilty deny user rights to the usbstor.inf and usbstor.pnf. - Blocking any new devices from being discoveredThen I copy over a custom .adm that sets the registry value back to 4 everytime the machine is reset. Its the standard template for setting the usbstor to a value of 4 and everything works fine; once you go in to gpedit (uncheck "only show policy settings that can be fully managed") and enable the setting. Is there any way to enable this policy without user interaction?[usbstor.adm]CLASS MACHINECATEGORY USB STORAGE POLICY USB STORAGE DEVICES KEYNAME "SYSTEM\CurrentControlSet\Services\USBSTOR" EXPLAIN This policy allows the disabling of USB storage devices PART "Startup Type" DROPDOWNLIST REQUIRED VALUENAME "Start" ITEMLIST NAME "Disabled" VALUE NUMERIC 4 END ITEMLIST END PART END POLICYEND CATEGORYThanks.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now