User session can't eject a Compact Flash in Win2000

[pointertovoid]

Hello!

Again a small worry which isn't completely new, as I already read it described - but not solved - on another forum some years ago.

I have Compact Flash cards, a Usb 2.0 reader for them, a Usb 2.0 card (chip from Nec) on Pci, and a Windows 2000 that runs the computer smoothly.

However, from the user sessions, Windows doesn't accept to eject the CF card. I close every window that shows the CF and ask Win to eject the CF from the Explorer's contextual menu - as it works from the Administrator session - but Win then answers that some task must still use the CF.

I'm not going to give admin privileges to the user sessions, as this is bad for security, as well as for privacy on this multiuser computer.

The wraparound I use is to eject the whole card reader, as the taskbar icon proposes, then pull the CF out, and connect the card reader again if needed. But this is less direct, may become impractical if some day I have a card reader integrated in the tower, and worse, this operation sometimes disconnects as well the Adsl modem which is on the same Pci-to-Usb card. So I'd like a true solution.

I've observed it with Pci-to-Usb cards from various manufacturers using different chips (Nec, Via, Ali) and with different drivers (Microsoft, Nec, Via). Several card readers with chips from various manufacturers behave the same way, again with different drivers (Microsoft or not). And several W2k installations on different motherboards do the same.

Can this be a matter of registry key protection? I can edit it with Vilma.

Or would KB841880 solve this issue? I still haven't found how to install it - troubles with availability and language.

Or eject the CF by some Bat file that I could run with an administrator shortcut?

I've also seen specialized software to eject similar Usb storage, so this worry doesn't look uncommon. Suggestions for a free one?

Edited February 12, 2009 by pointertovoid

[pointertovoid]

I've tried more or less all post-Sp4 functional patches for Usb available from Microsoft - at least the ones that bring the latest file versions.

These are KB 836111 838417 838989 843503 883528 (841880 superseded by) 890202. None brought the solution.

I couldn't find any task added when the administrator session ejects a Compact Flash card from the reader. If such a distinct task exists, it must be too fast to see it in the Task Manager.

To eject the complete Card Reader, Rundll32.exe C:\Winnt\System32\Hotplug.dll is used. It probably can't eject just the CF card; I didn't investigate.

I also tried a shortcut to Explorer.exe with administrator rights delegation... This shortcut can be created, launched, the antivirus sees something pass by, but Explorer doesn't launch.

One solution I found is to make a shortcut to C:\WINNT\system32\diskmgmt.msc (the disk management!) and allow to execute it with administrator rights delegation. There, the user can eject the CF, which is displayed as a disk.

Though, I'm not pleased with this workaround. First because diskmgmt is dangerous, then because I've to type the administrator password every time.

So better proposals are still welcome!

Lowering some key protections in the registry?

Or a third-party software? With a background service having admin privilege, or even if it needs the admin password every time?

Thanks!

[pointertovoid]

Solved.

This was not a matter of Usb patch, nor of a registry key protection or some kind of bug. It is a security policy of Windows whose default setting is too restrictive to match my needs, and probably the needs of most users. You know, "this bug is by design".

-----------------

Found the explanation here (available in English through a click):

http://www.uwe-sieber.de/usbtrouble.html#auswerfen

The same author gives the remedy as well, Danke Kumpel!

http://www.uwe-sieber.de/files/allocatedasd_2.reg

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"allocatedasd"="2"

Or use your favourite registry editor (mine is Vilma v1.6.0, still free).

On the other hand, the administrative tools don't offer the same adjustment in W2k, so this action is only for Xp:

Control Panel > Administrative Tools > Local Security Policy > Local Policies > Security Options > Devices: Allowed to format and eject removable media

W2k offers an adjustment specific to Ntfs removable media, which I set to "local current user" as well to avoid future annoyances.

-----------------

And then an article at Microsoft:

http://www.microsoft.com/technet/prodtechn...ntry/96271.mspx

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

REG_SZ allocatedasd // yes, this is really a string, to store a number

0 Only administrators of the computer

1 Only administrators and power users

2 Only administrators and the local current user

-----------------

On my W2k Sp4 R1 with all security patches but few functional ones, it worked for the power user session after a few reboots. The first reboot wasn't enough. I went through allocatedasd="1", it worked at that time, and again to allocatedasd="2" - no idea if this was necessary.

Xp is said to behave identically. It needs Sp2+some patches.

[pointertovoid]

Errr... I had to do it another way finally.

Allocatedasd=2 wasn't enough. It allowed to eject a CF card from a Usb reader as long as I hadn't accessed the data.

Maybe it's a consequence of my antivirus, Avast - stopping it completely needs to deinstall it, I didn't try.

So I now use EjectMedia with a shortcut that gives administrator rights for this operation. Found EjectMedia here:

http://www.uwe-sieber.de/drivetools_e.html (site in English as well)

Gross Technik mate in Churmany again, Danke Kumpel!

Now it works. I have to type the admin password each time. I suppose a special user account with administration rights would be enough for this operation and may be better in a protected environment.