Restrict access to Removable drives for XP users in Windows 2008 server domain

Posted on 2008-10-11
Last Modified: 2012-05-05
I have a Windows 2008 domain controller. All the clients are Windows XP. Now I have to restrict their access to all removable drives (USB/CD) and if possible also restrict them from browsing C drive as much as possible.
I tried to use group policy but the option for "Denying access to all removable drives" is only valid for Vista or later, how can I restrict XP client then ?

Please assist
Question by:Johnny_Nguyen
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 22693847

remove the rights for all users on the files c:\windows\inf\usbstor.inf & c:\windows\inf\usbstor.pnf. if you could do that by a vb script then include that into the  logon script.


Author Comment

ID: 22694005
You mean removing security access on those 2 paticular files using logon script ? I don't how that can be possible if the users are restricted users.

And does the above action restrict CDROM access to ?
LVL 15

Expert Comment

ID: 22697843
Symantec endpoint does this, hopefully you have this. Otherwise you are going to need to tweak a few things as XP is not built to do this.
LVL 31

Accepted Solution

Henrik Johansson earned 500 total points
ID: 22698800
Configure the following policy settings in a GPO:
User Configuration\Administrative Templates\Windows Components\Windows Explorer
* Hide these specified drives in My Computer
* Prevent access to drives from My Computer

See link about howto add your own options to the drive policies

Author Closing Comment

ID: 31505300
Thanks, Henjoh09, that's the Policy I need !

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question