asked on Auto disconnecting Specific USB devices after an amount of time ?
Is there a way to auto disconnect specific USB's devices after a precise amount of time via Registry or GPO ? or can this be scripted
After x amount of time the usb device gets disconected ,If that specific Usb is disconnected then re plugin it would reset the countdown timer back to a amout of time so it can be used again ...
I also researched and found a Microsoft utility called Devcon that manages devices :
I'm more concerned about the feasibility , can this be done & scripted if no gpo exists for such .... ?
After x amount of time the usb device gets disconected ,If that specific Usb is disconnected then re plugin it would reset the countdown timer back to a amout of time so it can be used again ...
I also researched and found a Microsoft utility called Devcon that manages devices :
DevCon (Devcon.exe), the Device Console, is a command-line tool that displays detailed information about devices on computers running Windows. You can use DevCon to enable, disable, install, configure, and remove devices.
I'm more concerned about the feasibility , can this be done & scripted if no gpo exists for such .... ?
Windows Server 2008Windows XPWindows 7SecurityPeripherals
Last Comment
Maidine Fouad
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
@Kimputer
Thank you for answering
Not at all , What we do as a living in our field is serving and empowering users ^^, i have specific reasons to do that and its not about stopping General storage usbs or printers (heh that would get a lot of users angry ), but for a specific device .
We use Usb security tokens here , and a lot of times every day , users leave it pluged in , so when they go away and the windows auto locks , and for example someone nearby touches the keyboard accidentally (and i dont know why it's 'enter' key accidentally) it reduces the number of attempts before the security token gets locked , users forget passwords all the time , they hit and miss a lot, so they have to come to the IT department so we unlock it ...(i m not in a position to criticize security measures so ...)
I noticed this and i want to reduce the amount of work we do ,especially "hamster wheel work" (ig resetting tokens) I like to call it hamster wheel because you keep on doing it (like when the hamster gets on the wheel and starts spinning ) it gets you nowhere , and the amount of work never seems to end + it takes precious time away from our lives , we could focus on more important things
I want the hardware & software to do the work .
Im thinking of this (and automating the Security unlock meanwhile at least ... ( no clicking on gui's ...) but that's another topic and its easy to do so ) i might do that first then start on this project.
And yes it seems a self written app is the solution , i might just do that one step at a time , i dont mind programming .
And yes perhaps its better to use a scripting language for this project , and keep the script running locally on the clients , deployment is not a problem server client architecture might be overkill for this ?
Good idea this might need a database ,For the database im thinking maybe sqlite , if it's lighweight and not ressource heavy .
@Dban
thank you for your comment
It seems that powershell can do the job ,those security tokens have specific Pids , monitoring triggers , then using DriveCmdletProvider , and using a timer based on when that usb device is pluged in...
usb disk ejector is great but its gui based, i want to automate not click ^^ , and is built with pascal code i think (.*.pas files ?) i might check the code if it can help ...
and yes task scheduler & the event viewer , Great idea !
can power shell can be used to create tasks , verify the task scheduler service if its on or off and any dependencies ? ( i can search on the how , i am just checking if PS can or cannot do this , but if you have anything that might help i dont mind )
Also I am thinking how would such script be run at the Begin Logon prompt (if this is possible) , The usual start-up phase i think for windows is kernel loading phase->Winlogon.exe ->SCM services ->Lsass-> Begin Logon prompt then user Userinit.exe -> Explorer.exe and GPO'S and startup programs ... right ?
it might be easy on user init , setting it up as a start up program , but if it can be run before this would be nifty !
I will check what events happen on Usb plug and on usb removal for most used devices and for what we use as security tokens ...
Any input and or Constructive criticism is welcomed
Thank you for answering
Not at all , What we do as a living in our field is serving and empowering users ^^, i have specific reasons to do that and its not about stopping General storage usbs or printers (heh that would get a lot of users angry ), but for a specific device .
We use Usb security tokens here , and a lot of times every day , users leave it pluged in , so when they go away and the windows auto locks , and for example someone nearby touches the keyboard accidentally (and i dont know why it's 'enter' key accidentally) it reduces the number of attempts before the security token gets locked , users forget passwords all the time , they hit and miss a lot, so they have to come to the IT department so we unlock it ...(i m not in a position to criticize security measures so ...)
I noticed this and i want to reduce the amount of work we do ,especially "hamster wheel work" (ig resetting tokens) I like to call it hamster wheel because you keep on doing it (like when the hamster gets on the wheel and starts spinning ) it gets you nowhere , and the amount of work never seems to end + it takes precious time away from our lives , we could focus on more important things
I want the hardware & software to do the work .
Im thinking of this (and automating the Security unlock meanwhile at least ... ( no clicking on gui's ...) but that's another topic and its easy to do so ) i might do that first then start on this project.
And yes it seems a self written app is the solution , i might just do that one step at a time , i dont mind programming .
And yes perhaps its better to use a scripting language for this project , and keep the script running locally on the clients , deployment is not a problem server client architecture might be overkill for this ?
Good idea this might need a database ,For the database im thinking maybe sqlite , if it's lighweight and not ressource heavy .
@Dban
thank you for your comment
It seems that powershell can do the job ,those security tokens have specific Pids , monitoring triggers , then using DriveCmdletProvider , and using a timer based on when that usb device is pluged in...
usb disk ejector is great but its gui based, i want to automate not click ^^ , and is built with pascal code i think (.*.pas files ?) i might check the code if it can help ...
and yes task scheduler & the event viewer , Great idea !
can power shell can be used to create tasks , verify the task scheduler service if its on or off and any dependencies ? ( i can search on the how , i am just checking if PS can or cannot do this , but if you have anything that might help i dont mind )
Also I am thinking how would such script be run at the Begin Logon prompt (if this is possible) , The usual start-up phase i think for windows is kernel loading phase->Winlogon.exe ->SCM services ->Lsass-> Begin Logon prompt then user Userinit.exe -> Explorer.exe and GPO'S and startup programs ... right ?
it might be easy on user init , setting it up as a start up program , but if it can be run before this would be nifty !
I will check what events happen on Usb plug and on usb removal for most used devices and for what we use as security tokens ...
Any input and or Constructive criticism is welcomed
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thank you@kimputer and @btan again for your time
Maybe that's why no one has built such an app yet.
Think about copying files to a USB drive, or printing a large document. Suddenly it just stops and you have to re-do everything again (after re-inserting the USB). Obviously, you have a reason for this (which I'd very much like to know, but if you don't want to reveal it, it's also ok).
But alas, you COULD use it to program or script something, though the GPO doesn't seem helpful in this case. Unless you distribute the executable first, and run scripts locally.
Since there's a remote function in the tool, you could just built the app or script around a server in your network that scans available computer, and lists the current hardware
Then at an interval, repeats, and compares the previous scan.
Then you have to keep a database on the new devices, and when the time comes, disconnect the device and clear the database.
So, it's doable, but needs a lot of programming (and even more time for realworld testing)
Another options is to push a self-written app as a service to all the computers.