Solved

Enabling Redirection of Pnp Devices on Windows 2008

Posted on 2009-03-31
8
13,189 Views
Last Modified: 2013-11-21
When I connect each day from my XP workstation to our Windows 2008 servers via Terminal Services, I generate an Event ID 36 telling me that "Redirection of additional supported devices is disabled by policy."  Description of how to address this warning (which can simply be ignored) is at:

http://technet.microsoft.com/en-us/library/cc775202.aspx

That said, since I hate ignoring warnings even when they are innocuous:

- What PnP device does the server think I am trying to redirect?  In the remote desktop connection settings, the only item checked under "Local devices and resources" is Clipboard (I've gone into "More" and made sure everything is unchecked including Smart Cards).  I've also got nothing hooked up to my mobo other than a graphics card, mouse, & keyboard.

- Is there a security risk or other issue with enabling the redirection of Pnp devices as the article outlines?

Thanks!
0
Comment
Question by:pcamis
  • 3
  • 2
8 Comments
 
LVL 26

Expert Comment

by:PCBONEZ
ID: 24065274
From your link read this part:
>>>>
When a user establishes a remote session with a Windows Server 2008 terminal server, the supported Plug and Play device attached to the user's local computer can be redirected and made available to the user in the remote session.
<<<<

What that's saying is the problem device in not in the Server but in the user's local computer (the client PC).
The PnP info for some device in the client PC is being sent to the server and then being redirected back to the client PC [but now 'inside' the remote session] so that device can be used locally while the user is in the session with the server.

0
 

Author Comment

by:pcamis
ID: 24068440
Thanks pcbonez - I'm with you about the warning coming up because of PnP devices on the client PC.  Not sure what was being registered because the PC was barebones - nothing connected to the motherboard other than a basic graphics card, USB keyboard, and USB mouse.

Aside from that, and perhaps more importantly, do you know if I would be creating a security vulnerability by enabling client PC PnP devices to redirect to the host server?
0
 
LVL 26

Assisted Solution

by:PCBONEZ
PCBONEZ earned 125 total points
ID: 24069753
The USB driver may be being seen as an 'attached' PnP device as things like thumb drives, networking gear, modems, ect can be connected there.
[Just a wild guess mind you.]

Seems to me that if the person at that terminal isn't a risk then you won't have one.

All it really does is enable devices at the terminal so they can be used.
If you don't want those devices enabled then disable them locally (at the terminal) in other ways such as disconnecting, removing, turning them off in the BIOS.....
-
If the device doesn't work anyway it doesn't matter if the server redirects drivers and you can turn the pesky warning off by letting it do so.



0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:pcamis
ID: 24078942
Thanks pcbonez... I'm decided to try enabling PnP device pass-through on a test server.   The odd thing is that none of the restrictions listed in the link I originally posted are enabled (i.e. PnP devices should be enabled according to the TechNet article).

Has anybody else encountered this warning message on a Windows 2008 server and been able to resolve it?
0
 

Accepted Solution

by:
pcamis earned 0 total points
ID: 24130747
I think I've resolved the issue (I haven't seen an event id 36 in a while, so I'm presuming so).  From the instructions in the article I originally posted (http://technet.microsoft.com/en-us/library/cc775202.aspx), instead of leaving the box unchecked like the article instructs, I added a check next to the Terminal Services Configuration to disable the redirection of "Supported Plug and Play Devices".  Since I've checked the box, I no longer get the events.  Looks to me as though the article has things a bit backwards.
0
 

Expert Comment

by:TheBigDog
ID: 35479158
That didn't work for me, however, changing the "Allow RDP redirection of other supported RemoteFX USB Devices from this computer" to enabled in group policy seemed to do the trick. (Computer Config-Administrative Templates-Windows Components-Remote Desktop Services-RemoteFX USB Device Redirection)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

OfficeMate Freezes on login or does not load after login credentials are input.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now