Restrict access to Removable drives for XP users in Windows 2008 server domain

Posted on 2008-10-11
Last Modified: 2012-05-05
I have a Windows 2008 domain controller. All the clients are Windows XP. Now I have to restrict their access to all removable drives (USB/CD) and if possible also restrict them from browsing C drive as much as possible.
I tried to use group policy but the option for "Denying access to all removable drives" is only valid for Vista or later, how can I restrict XP client then ?

Please assist
Question by:Johnny_Nguyen
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 22693847

remove the rights for all users on the files c:\windows\inf\usbstor.inf & c:\windows\inf\usbstor.pnf. if you could do that by a vb script then include that into the  logon script.


Author Comment

ID: 22694005
You mean removing security access on those 2 paticular files using logon script ? I don't how that can be possible if the users are restricted users.

And does the above action restrict CDROM access to ?
LVL 15

Expert Comment

ID: 22697843
Symantec endpoint does this, hopefully you have this. Otherwise you are going to need to tweak a few things as XP is not built to do this.
LVL 31

Accepted Solution

Henrik Johansson earned 500 total points
ID: 22698800
Configure the following policy settings in a GPO:
User Configuration\Administrative Templates\Windows Components\Windows Explorer
* Hide these specified drives in My Computer
* Prevent access to drives from My Computer

See link about howto add your own options to the drive policies

Author Closing Comment

ID: 31505300
Thanks, Henjoh09, that's the Policy I need !

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question