Enabling Redirection of Pnp Devices on Windows 2008

When I connect each day from my XP workstation to our Windows 2008 servers via Terminal Services, I generate an Event ID 36 telling me that "Redirection of additional supported devices is disabled by policy."  Description of how to address this warning (which can simply be ignored) is at:

http://technet.microsoft.com/en-us/library/cc775202.aspx

That said, since I hate ignoring warnings even when they are innocuous:

- What PnP device does the server think I am trying to redirect?  In the remote desktop connection settings, the only item checked under "Local devices and resources" is Clipboard (I've gone into "More" and made sure everything is unchecked including Smart Cards).  I've also got nothing hooked up to my mobo other than a graphics card, mouse, & keyboard.

- Is there a security risk or other issue with enabling the redirection of Pnp devices as the article outlines?

Thanks!
Dan CarpIT DirectorAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Dan CarpConnect With a Mentor IT DirectorAuthor Commented:
I think I've resolved the issue (I haven't seen an event id 36 in a while, so I'm presuming so).  From the instructions in the article I originally posted (http://technet.microsoft.com/en-us/library/cc775202.aspx), instead of leaving the box unchecked like the article instructs, I added a check next to the Terminal Services Configuration to disable the redirection of "Supported Plug and Play Devices".  Since I've checked the box, I no longer get the events.  Looks to me as though the article has things a bit backwards.
0
 
PCBONEZCommented:
From your link read this part:
>>>>
When a user establishes a remote session with a Windows Server 2008 terminal server, the supported Plug and Play device attached to the user's local computer can be redirected and made available to the user in the remote session.
<<<<

What that's saying is the problem device in not in the Server but in the user's local computer (the client PC).
The PnP info for some device in the client PC is being sent to the server and then being redirected back to the client PC [but now 'inside' the remote session] so that device can be used locally while the user is in the session with the server.

0
 
Dan CarpIT DirectorAuthor Commented:
Thanks pcbonez - I'm with you about the warning coming up because of PnP devices on the client PC.  Not sure what was being registered because the PC was barebones - nothing connected to the motherboard other than a basic graphics card, USB keyboard, and USB mouse.

Aside from that, and perhaps more importantly, do you know if I would be creating a security vulnerability by enabling client PC PnP devices to redirect to the host server?
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
PCBONEZConnect With a Mentor Commented:
The USB driver may be being seen as an 'attached' PnP device as things like thumb drives, networking gear, modems, ect can be connected there.
[Just a wild guess mind you.]

Seems to me that if the person at that terminal isn't a risk then you won't have one.

All it really does is enable devices at the terminal so they can be used.
If you don't want those devices enabled then disable them locally (at the terminal) in other ways such as disconnecting, removing, turning them off in the BIOS.....
-
If the device doesn't work anyway it doesn't matter if the server redirects drivers and you can turn the pesky warning off by letting it do so.



0
 
Dan CarpIT DirectorAuthor Commented:
Thanks pcbonez... I'm decided to try enabling PnP device pass-through on a test server.   The odd thing is that none of the restrictions listed in the link I originally posted are enabled (i.e. PnP devices should be enabled according to the TechNet article).

Has anybody else encountered this warning message on a Windows 2008 server and been able to resolve it?
0
 
TheBigDogCommented:
That didn't work for me, however, changing the "Allow RDP redirection of other supported RemoteFX USB Devices from this computer" to enabled in group policy seemed to do the trick. (Computer Config-Administrative Templates-Windows Components-Remote Desktop Services-RemoteFX USB Device Redirection)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.