Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

WPD Device Policy in Windows 2008 Server R2

Posted on 2014-09-26
4
393 Views
Last Modified: 2014-10-08
I'm having trouble with part of the Removable Access Storage policy in Windows 2008 R2 Server. I set the policy to limit DVD/CD, Removable Drive, and WPD to read only and only applied this to a security group with select members. The policy worked fine, but I got requests to have access for a camera for pictures. I took out a few members so the policy would not apply to them and ran gupdate /force, rebooted, etc. I then ran rsop.msc to see what was applied to the computer and these parameters were not there, but when I went to connect the camera, it would not read it and said access was denied. The policy is user based not computer. The DVD/CD and USB thumbdrives work with no issue, only the camera is an issue. If I login to the machine with another user not part of the original policy, it works fine. I've checked the registry and even tried a suggested hot fix for this issue, but the hot fix say it is not necessary. My workstations are Windows 7 Pro. Any suggestions to get this working again would be appreciated. Thanks!
0
Comment
Question by:mrogers1650
  • 2
4 Comments
 
LVL 5

Expert Comment

by:Daniel Kline
ID: 40347090
Are those "weapons of PC Destruction"?  Sorry, not helpful, but I couldn't help myself.

I would try uninstalling the camera driver and reinstalling it.  It could be that the driver sets those settings during installation.  Most camera drivers see the internal memory or cards as removable storage.
0
 
LVL 20

Expert Comment

by:Lazarus
ID: 40347639
you could try to reset you local computers GPO:

XP
In the console window, type the command: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

WIN 7
In the console window, type the command: secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
0
 

Accepted Solution

by:
mrogers1650 earned 0 total points
ID: 40359494
I was able to get this resolved by working with the OU I setup, moving users in and out, and disabling the policy, allowing the default domain update to work and then re-enabling it and allowing the 90 minute update apply again. I allowed the default update because there are too many clients to update individually. I think I got lucky, but I did not have to remove registry entries, rename .pol files, etc. The final suggestion in this thread is what I think helped:

http://www.techrepublic.com/forums/questions/old-gpo-settings-keep-returning/

Mark
0
 

Author Closing Comment

by:mrogers1650
ID: 40367937
I found some info and suggestions on the Internet and it helped me resolve the issue.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 Proxy server failing to work 5 25
Windows Server to Cisco switch connectivity 10 68
Windows Server 2012 R2 - connect to computer 13 33
Connection reset by peer 18 30
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question