iamtheky Posted December 4, 2008 Posted December 4, 2008 I am disabling usb storage devices in my install.I first set the registry entry to 4 via a reg file. - blocking all previously discovered devicesI then explicilty deny user rights to the usbstor.inf and usbstor.pnf. - Blocking any new devices from being discoveredThen I copy over a custom .adm that sets the registry value back to 4 everytime the machine is reset. Its the standard template for setting the usbstor to a value of 4 and everything works fine; once you go in to gpedit (uncheck "only show policy settings that can be fully managed") and enable the setting. Is there any way to enable this policy without user interaction?[usbstor.adm]CLASS MACHINECATEGORY USB STORAGE POLICY USB STORAGE DEVICES KEYNAME "SYSTEM\CurrentControlSet\Services\USBSTOR" EXPLAIN This policy allows the disabling of USB storage devices PART "Startup Type" DROPDOWNLIST REQUIRED VALUENAME "Start" ITEMLIST NAME "Disabled" VALUE NUMERIC 4 END ITEMLIST END PART END POLICYEND CATEGORYThanks.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now