• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1170
  • Last Modified:

Restrict access to Removable drives for XP users in Windows 2008 server domain

I have a Windows 2008 domain controller. All the clients are Windows XP. Now I have to restrict their access to all removable drives (USB/CD) and if possible also restrict them from browsing C drive as much as possible.
I tried to use group policy but the option for "Denying access to all removable drives" is only valid for Vista or later, how can I restrict XP client then ?

Please assist
1 Solution

remove the rights for all users on the files c:\windows\inf\usbstor.inf & c:\windows\inf\usbstor.pnf. if you could do that by a vb script then include that into the  logon script.

Johnny_NguyenAuthor Commented:
You mean removing security access on those 2 paticular files using logon script ? I don't how that can be possible if the users are restricted users.

And does the above action restrict CDROM access to ?
Symantec endpoint does this, hopefully you have this. Otherwise you are going to need to tweak a few things as XP is not built to do this.
Henrik JohanssonSystems engineerCommented:
Configure the following policy settings in a GPO:
User Configuration\Administrative Templates\Windows Components\Windows Explorer
* Hide these specified drives in My Computer
* Prevent access to drives from My Computer

See link about howto add your own options to the drive policies
Johnny_NguyenAuthor Commented:
Thanks, Henjoh09, that's the Policy I need !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now