WPD Device Policy in Windows 2008 Server R2

I'm having trouble with part of the Removable Access Storage policy in Windows 2008 R2 Server. I set the policy to limit DVD/CD, Removable Drive, and WPD to read only and only applied this to a security group with select members. The policy worked fine, but I got requests to have access for a camera for pictures. I took out a few members so the policy would not apply to them and ran gupdate /force, rebooted, etc. I then ran rsop.msc to see what was applied to the computer and these parameters were not there, but when I went to connect the camera, it would not read it and said access was denied. The policy is user based not computer. The DVD/CD and USB thumbdrives work with no issue, only the camera is an issue. If I login to the machine with another user not part of the original policy, it works fine. I've checked the registry and even tried a suggested hot fix for this issue, but the hot fix say it is not necessary. My workstations are Windows 7 Pro. Any suggestions to get this working again would be appreciated. Thanks!
mrogers1650Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Daniel KlineSr. SharePoint DeveloperCommented:
Are those "weapons of PC Destruction"?  Sorry, not helpful, but I couldn't help myself.

I would try uninstalling the camera driver and reinstalling it.  It could be that the driver sets those settings during installation.  Most camera drivers see the internal memory or cards as removable storage.
0
LazarusCommented:
you could try to reset you local computers GPO:

XP
In the console window, type the command: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

WIN 7
In the console window, type the command: secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
0
mrogers1650Author Commented:
I was able to get this resolved by working with the OU I setup, moving users in and out, and disabling the policy, allowing the default domain update to work and then re-enabling it and allowing the 90 minute update apply again. I allowed the default update because there are too many clients to update individually. I think I got lucky, but I did not have to remove registry entries, rename .pol files, etc. The final suggestion in this thread is what I think helped:

http://www.techrepublic.com/forums/questions/old-gpo-settings-keep-returning/

Mark
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mrogers1650Author Commented:
I found some info and suggestions on the Internet and it helped me resolve the issue.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.