I created a GPO that blocks USB/DVD/CD Drives
Computer Configuration (Enabled)hide
Policieshide
Administrative Templateshide
Policy definitions (ADMX files) retrieved from the local machine.System/Device Installation/Device Installation Restrictionshide
Policy Setting Comment
Allow administrators to override Device Installation Restriction policies Enabled
Display a custom message title when device installation is prevented by a policy setting Enabled
Enter the text you wish users to see (Max 63 chars)
Main Text Drive Block via Policy. Contact HelpDesk
Policy Setting Comment
Prevent installation of removable devices Enabled
User Configuration (Enabled)hide
Policieshide
Administrative Templateshide
Policy definitions (ADMX files) retrieved from the local machine.System/Removable Storage Accesshide
Policy Setting Comment
All Removable Storage classes: Deny all access Enabled
CD and DVD: Deny read access Enabled
CD and DVD: Deny write access Enabled
Floppy Drives: Deny read access Enabled
Floppy Drives: Deny write access Enabled
First thing is that Message only appears the first time you try to connect a USB device. If I take it out or even reboot and put in back that message does not appear but it DOES block the USB Drive. Is there a way to have that message appear every time?
Next issue is in Delegation I have Domain Admins DENY for Apply Policy. When I login with my domain account the USB is still be blocked and I ran GPRW and it selected a PC that's in the OU and my domain admin account and it show it being applied. I am trying to figure out what I have done wrong.
Computer Configuration (Enabled)hide
Policieshide
Administrative Templateshide
Policy definitions (ADMX files) retrieved from the local machine.System/Device Installation/Device Installation Restrictionshide
Policy Setting Comment
Allow administrators to override Device Installation Restriction policies Enabled
Display a custom message title when device installation is prevented by a policy setting Enabled
Enter the text you wish users to see (Max 63 chars)
Main Text Drive Block via Policy. Contact HelpDesk
Policy Setting Comment
Prevent installation of removable devices Enabled
User Configuration (Enabled)hide
Policieshide
Administrative Templateshide
Policy definitions (ADMX files) retrieved from the local machine.System/Removable Storage Accesshide
Policy Setting Comment
All Removable Storage classes: Deny all access Enabled
CD and DVD: Deny read access Enabled
CD and DVD: Deny write access Enabled
Floppy Drives: Deny read access Enabled
Floppy Drives: Deny write access Enabled
First thing is that Message only appears the first time you try to connect a USB device. If I take it out or even reboot and put in back that message does not appear but it DOES block the USB Drive. Is there a way to have that message appear every time?
Next issue is in Delegation I have Domain Admins DENY for Apply Policy. When I login with my domain account the USB is still be blocked and I ran GPRW and it selected a PC that's in the OU and my domain admin account and it show it being applied. I am trying to figure out what I have done wrong.