Re: Restriction of External Drives through GPO
- From: "Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx>
- Date: Tue, 2 Jan 2007 08:09:30 -0600
What is not working? Have you verified that the adm has been applied
against the workstations you are attempting it to be?
This is a straight forward gpo that is now acknowledged by Microsoft.
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"Karthick" <vkarthickeyan@xxxxxxxxx> wrote in message
news:1167722246.920805.268880@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello friends!
I am using Windows2000 as a domain controller (Not advanced
server) . I want to restrict external drives ( CDROM, USB) for group of
users in the network.
I have searched in google and got the following .adm file.
But unfortunately , its not working for me.
I have been struggling for last one month.
Any suggestion will be very helpfull to me.
Thank you
Karthick.V
Please see the .adm file below
CLASS MACHINE
CATEGORY !!category
CATEGORY !!categoryname
POLICY !!policynameusb
KEYNAME "SYSTEM\CurrentControlSet\Services\USBSTOR"
EXPLAIN !!explaintextusb
PART !!labeltextusb DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynamecd
KEYNAME "SYSTEM\CurrentControlSet\Services\Cdrom"
EXPLAIN !!explaintextcd
PART !!labeltextcd DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 1 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynameflpy
KEYNAME "SYSTEM\CurrentControlSet\Services\Flpydisk"
EXPLAIN !!explaintextflpy
PART !!labeltextflpy DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynamels120
KEYNAME "SYSTEM\CurrentControlSet\Services\Sfloppy"
EXPLAIN !!explaintextls120
PART !!labeltextls120 DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
END CATEGORY
END CATEGORY
[strings]
category="Custom Policy Settings"
categoryname="Restrict Drives"
policynameusb="Disable USB"
policynamecd="Disable CD-ROM"
policynameflpy="Disable Floppy"
policynamels120="Disable High Capacity Floppy"
explaintextusb="Disables the computers USB ports by disabling the
usbstor.sys driver"
explaintextcd="Disables the computers CD-ROM Drive by disabling the
cdrom.sys driver"
explaintextflpy="Disables the computers Floppy Drive by disabling the
flpydisk.sys driver"
explaintextls120="Disables the computers High Capacity Floppy Drive by
disabling the sfloppy.sys driver"
labeltextusb="Disable USB Ports"
labeltextcd="Disable CD-ROM Drive"
labeltextflpy="Disable Floppy Drive"
labeltextls120="Disable High Capacity Floppy Drive"
Enabled="Enabled"
Disabled="Disabled"
.
- Follow-Ups:
- Re: Restriction of External Drives through GPO
- From: Darren Mar-Elia
- Re: Restriction of External Drives through GPO
- References:
- Restriction of External Drives through GPO
- From: Karthick
- Restriction of External Drives through GPO
- Prev by Date: Re: Logon to a new domain
- Next by Date: Re: Moving objects between OUs
- Previous by thread: Restriction of External Drives through GPO
- Next by thread: Re: Restriction of External Drives through GPO
- Index(es):
Relevant Pages
|
Loading
