Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Restrict access to Removable drives for XP users in Windows 2008 server domain

Posted on 2008-10-11
5
Medium Priority
?
1,168 Views
Last Modified: 2012-05-05
I have a Windows 2008 domain controller. All the clients are Windows XP. Now I have to restrict their access to all removable drives (USB/CD) and if possible also restrict them from browsing C drive as much as possible.
I tried to use group policy but the option for "Denying access to all removable drives" is only valid for Vista or later, how can I restrict XP client then ?

Please assist
0
Comment
Question by:Johnny_Nguyen
5 Comments
 
LVL 7

Expert Comment

by:dineesh
ID: 22693847
hi,

remove the rights for all users on the files c:\windows\inf\usbstor.inf & c:\windows\inf\usbstor.pnf. if you could do that by a vb script then include that into the  logon script.

regards,
dinesh
0
 
LVL 1

Author Comment

by:Johnny_Nguyen
ID: 22694005
You mean removing security access on those 2 paticular files using logon script ? I don't how that can be possible if the users are restricted users.

And does the above action restrict CDROM access to ?
0
 
LVL 15

Expert Comment

by:plimpias
ID: 22697843
Symantec endpoint does this, hopefully you have this. Otherwise you are going to need to tweak a few things as XP is not built to do this.
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 2000 total points
ID: 22698800
Configure the following policy settings in a GPO:
User Configuration\Administrative Templates\Windows Components\Windows Explorer
* Hide these specified drives in My Computer
* Prevent access to drives from My Computer

See link about howto add your own options to the drive policies
http://support.microsoft.com/kb/231289
0
 
LVL 1

Author Closing Comment

by:Johnny_Nguyen
ID: 31505300
Thanks, Henjoh09, that's the Policy I need !
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question