Prevent people from using USB storage drives on a domain.
Posted on 2010-11-09
I am looking for a custom Group Policy to prevent people from plugging USB flash drives, portable hard drives and Media Card Readers to transfer data from and to my windows machines managed on a windows 2003 domain.
I manage 20 machines, 13 are Windows XP, 5 are Windows Seven and 2 are Windows Vista. I'm trying to setup a custom Group Policy that disables:
USB flash drives
USB portable hard drives
Removable media cards (SD, CF) or USB card readers
...without disabling document scanners or printers or any other USB devices.
I already tried...
(("Open registry and navigate to the following registry key:
Now in the right pane, double-click Start and type 4 in the Value data box (Hexadecimal) and quite the registry editor. To enable the USB storage devices, change the Start value back to 3."))
... but I saw that it only disables portable USB hard drives, it does not disable reading from SD cards and I think it may have to be done on each machine.
Is there a problem when trying to set up group policies on a windows 2003 server to enable them on different windows clients (seven, vista and XP)?