Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remove USB Pen drive?

Status
Not open for further replies.
BOFH1

BOFH1

Technical User
Jan 3, 2004
135
0
0
GB
My users cannot remove USB devices inc Pen drives, i tried setting this policy but still no joy,

Computer Configuration\Windows Settings\Security Settings\Local Policies\security options\Devices: allowed to format and eject removable media

I emabled interactive users to do this but they still can't. (Obviously they can just pull them out which is what they are doing but i don't like that)

Win2k Pro SP4

Any ideas.

Thanks.



 
Sort by date Sort by votes
Your GPO is not sufficient for Pen Drives. The USB Pen Drives are enumerated under the PnP service; changing your floppy disk and inserting another is not, for example.

There really is no good GPO for Pen Devices at the moment under Win2k or XP.

Let them remove them as they are doing.
 
Upvote 0 Downvote
Hmmm a few users have complained this is corrupting docs, i've not seen any evidence of this yet tho.


Thanks for the reply tho.

 
Upvote 0 Downvote
It is perfectly believable that it could corrupt documents if removed in an unsafe manner.

Have them logoff before removing the device.
 
Upvote 0 Downvote
I will cheers.

ps i assumed the "format and eject removable media" meant other than floppy disks.

Did i interperit that incorrectly.


 
Upvote 0 Downvote
Yes, you interpreted the policy object correctly.

Strictly speaking that policy object was designed for NTFS formatted media only; what was in mind was MO (magneto-optical) drives.

It is tied to a Windows service called RMS (Removable Media Storage System) that handles among other things tape libraries.

There just is not a suitable policy object in the standard MMC libraries for USB Pen devices. Unfortunately, handling these devices "properly" implies some changes in the way in which Plug and Play enumeration occurs, and how the devices are identified to the OS.

 
Upvote 0 Downvote
Of course i hadn't considered RMS.

Thanks for your input bcastner.

 
Upvote 0 Downvote
The issue appears in all of the OS Forums on this, and other sites.

I am very sympathetic, and in my own modest way have "pushed" the issue with Microsoft.

There are things in the works; the convenience of these little devices far exceeds the planned for security hazards of floppy disks and CDs.

As a guess, you will see first standards set for identifying the devices unambiguously (there essentially are none now), and a resultant GPO to handle the issue.

As another guess, the security issues will rate first on the Microsoft list. The standards setting for acceptable HCL devices to incorporate the safety removal icon a bit later.

And whether Win2k will ever see these changes, I am flat clueless.

There exists already some third-party software to handle your issue. One good example:
 
Upvote 0 Downvote
do you mean users cannot disable usb devices right clicking on the tray icon? did you try a left click too?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

grnzbra
  • Locked
  • Question
Formatting Full Hard Drive 1
Replies
7
Views
154
austinpctech
austinpctech
Sebastian42
  • Locked
  • Question
Getting a drive REdetected
Replies
18
Views
229
Rick998
Rick998
dpellegrini
  • Locked
  • Question
Unable to map a drive
Replies
12
Views
201
dpellegrini
dpellegrini
FraidyMan
  • Locked
  • Question
Intermittent USB 1
Replies
4
Views
79
tacohunter
tacohunter
Sebastian42
  • Locked
  • Question
Inappropriate drive icon being allocated 1
Replies
2
Views
63
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top