I have 3 workstations running Windows 7 and a server running 2012 Foundation.
I have a set of users that, for some reason, can't seem to access portable drives or other removable media, such as a DVD ROM.
In GPMC everything under User Configuration\Policies\Adm
e Templates: Policy definitions\
All removable storage classes: deny all access = disabled
Allow active content from CDs to run on user machines = disabled
CD and DVD: Deny read access = disabled
CD and DVD: Deny write access = disabled
Floppy Drives: Deny read access = disabled
Floppy Drives: Deny write access = disabled
Prevent access to drives from My Computer = disabled
Removable Disks: Deny read access = disabled
Removable Disks: deny write access = disabled
Tape Drives: Deny read access = disabled
Tape drives: deny write access = disabled
WPD Devices: deny read access = disabled
WPD Devices: deny write access = disabled
Under Computer Configuration\Policies\Adm
e Templates, All settings view, All the same are set to disabled, with the addition of the "execute" permissions. Everything else is set to "not configured."
When all but one of the users who tries to access a Canon powershot camera, they see the message "you do not have permission to access this device." When trying to access the DVD drive they see "is not accessible, Access is denied."
I've manually run gpupdate, it appears to be running successfully, I've rebooted the workstations to see if that changes things - no dice. I have no idea as to why the one workstation can access the camera. Everybody ought to be under the same security policies.
All three users are associated with the Domain Users and staff groups.
What am I missing?