none
2008 r2 GPolicy Question

    Question

  • Dear Sirs,

    I have a Domain with 2008 r2 OS and Windows 7 Clients. I need to implement a scenario where all users can't write on usb drives EXCEPT some specific user accounts. 

    I was try to Open the Default domain Group Policy settings and then change the Computer Configuration\Policies\System\Removable Storage Access\ to Allow. With this Action ALL company wasn't able to write on USB Disks. But with this method i can't find a way to select a "whitelist"users so they can Write to usb drives.

    how this can establish ? 

    thank you

    Wednesday, November 21, 2012 10:44 AM

Answers

  • Thank you for your answer. This answer refer only to domains 2003. This method also works for 2008 but i need something more simple. The way i described it is much easier but i cannot find how to apply it only to specific users. What is suggested? to create 2 seperate GPO ? One for allow users and one for Deny users? Or just create one GPO and assign it to Deny Users ?

    See this Blog http://www.grouppolicy.biz/tag/usb/. Here you can find all the info what you are looking for.The Author have been explained in different ways and also shared some of best practices.

    Note:Same blog details you can find in my previous post if you navigated it completely. Anyways sharing it with you again. Thanks :)


    Regards, Ravikumar P

    Friday, November 23, 2012 12:16 PM

All replies