Solved

Block USB flash drives on domain clients with gpo

Posted on 2014-12-18
3
143 Views
Last Modified: 2015-01-03
Is there a GPO that will block USB ports- mass storage devices only- so that I can prevent folks from using USB flash drives on the domain etc, but NOT block USB ports that are needed for other devices like printers etc?

Win7 clients/ Win2008 domain

please advise
0
Comment
Question by:Rbbedz1
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
Schuyler Dorsey earned 500 total points
ID: 40507287
Yes.

Computer Configuration > Admin Templates > System > Removal Storage Access. Here are your options.

 removstorage.PNG
0
 

Author Comment

by:Rbbedz1
ID: 40507292
we also want to be able to enforce this for some clients and to not push to others (exceptions).....can this be done so that we can only give to some and not others
0
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 40507296
Yes. You apply GPOs to OUs in the GPMC. So it just depends on your A.D. structure. You could have two OUs, one where you are going to enforce this and one where you don't. So apply the GPO to the OU you want to enforce this setting. Just ensure the related computer objects are in this OU.

Alternatively, you can use security or wmi filtering.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question