?
Solved

Enabling Redirection of Pnp Devices on Windows 2008

Posted on 2009-03-31
8
Medium Priority
?
13,995 Views
Last Modified: 2013-11-21
When I connect each day from my XP workstation to our Windows 2008 servers via Terminal Services, I generate an Event ID 36 telling me that "Redirection of additional supported devices is disabled by policy."  Description of how to address this warning (which can simply be ignored) is at:

http://technet.microsoft.com/en-us/library/cc775202.aspx

That said, since I hate ignoring warnings even when they are innocuous:

- What PnP device does the server think I am trying to redirect?  In the remote desktop connection settings, the only item checked under "Local devices and resources" is Clipboard (I've gone into "More" and made sure everything is unchecked including Smart Cards).  I've also got nothing hooked up to my mobo other than a graphics card, mouse, & keyboard.

- Is there a security risk or other issue with enabling the redirection of Pnp devices as the article outlines?

Thanks!
0
Comment
Question by:pcamis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 26

Expert Comment

by:PCBONEZ
ID: 24065274
From your link read this part:
>>>>
When a user establishes a remote session with a Windows Server 2008 terminal server, the supported Plug and Play device attached to the user's local computer can be redirected and made available to the user in the remote session.
<<<<

What that's saying is the problem device in not in the Server but in the user's local computer (the client PC).
The PnP info for some device in the client PC is being sent to the server and then being redirected back to the client PC [but now 'inside' the remote session] so that device can be used locally while the user is in the session with the server.

0
 

Author Comment

by:pcamis
ID: 24068440
Thanks pcbonez - I'm with you about the warning coming up because of PnP devices on the client PC.  Not sure what was being registered because the PC was barebones - nothing connected to the motherboard other than a basic graphics card, USB keyboard, and USB mouse.

Aside from that, and perhaps more importantly, do you know if I would be creating a security vulnerability by enabling client PC PnP devices to redirect to the host server?
0
 
LVL 26

Assisted Solution

by:PCBONEZ
PCBONEZ earned 500 total points
ID: 24069753
The USB driver may be being seen as an 'attached' PnP device as things like thumb drives, networking gear, modems, ect can be connected there.
[Just a wild guess mind you.]

Seems to me that if the person at that terminal isn't a risk then you won't have one.

All it really does is enable devices at the terminal so they can be used.
If you don't want those devices enabled then disable them locally (at the terminal) in other ways such as disconnecting, removing, turning them off in the BIOS.....
-
If the device doesn't work anyway it doesn't matter if the server redirects drivers and you can turn the pesky warning off by letting it do so.



0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 

Author Comment

by:pcamis
ID: 24078942
Thanks pcbonez... I'm decided to try enabling PnP device pass-through on a test server.   The odd thing is that none of the restrictions listed in the link I originally posted are enabled (i.e. PnP devices should be enabled according to the TechNet article).

Has anybody else encountered this warning message on a Windows 2008 server and been able to resolve it?
0
 

Accepted Solution

by:
pcamis earned 0 total points
ID: 24130747
I think I've resolved the issue (I haven't seen an event id 36 in a while, so I'm presuming so).  From the instructions in the article I originally posted (http://technet.microsoft.com/en-us/library/cc775202.aspx), instead of leaving the box unchecked like the article instructs, I added a check next to the Terminal Services Configuration to disable the redirection of "Supported Plug and Play Devices".  Since I've checked the box, I no longer get the events.  Looks to me as though the article has things a bit backwards.
0
 

Expert Comment

by:TheBigDog
ID: 35479158
That didn't work for me, however, changing the "Allow RDP redirection of other supported RemoteFX USB Devices from this computer" to enabled in group policy seemed to do the trick. (Computer Config-Administrative Templates-Windows Components-Remote Desktop Services-RemoteFX USB Device Redirection)
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question