2012 R2 based AD GPO to control USB access on XP

    General discussion

  • We are in the process of revamping our network and have deployed a new Windows 2012R2 based AD Domain.

    We have a mix of Win XP, Win7 & Win 8 Clients. Although the process of discarding the XP systems is in the pipeline, it will take time. Until then we wish to use AD GPO to deny access to USB port on the XP systems in the Win 2012R2 based AD Domain.

    We could easily restrict the USB Access on the Win 7 & Win8 systems but the GPO does not apply to XP.

    How can we restrict USB access on the XP System?

    • Edited by CosmicStrom Tuesday, January 6, 2015 1:36 PM
    Tuesday, January 6, 2015 1:35 PM

All replies

  • This is done via a file modification create here's a guide

    • Edited by AlexAdkin Tuesday, January 6, 2015 3:48 PM
    Tuesday, January 6, 2015 3:46 PM
  • Hi,

    Check out this MS article.

    Wednesday, January 7, 2015 5:15 AM
  • Hi,

    In addition, you can import the administrative template in the following KB article into Group Policy as a .adm file, and then you can find the corresponding policy setting in GPO to manage USB for Windows XP clients.

    HOWTO: Use Group Policy to disable USB, CD-ROM, Floppy Disk and LS-120 drivers

    Regarding how to add or remove an Administrative Template (.adm file), the following article can be referred to for as reference.

    Add or remove an Administrative Template (.adm file)

    Best regards,
    Frank Shen

    Wednesday, January 7, 2015 1:45 PM
  • Dear Prabhu,

    We tried configuration as mentioned in but it simple does not work with XP system.

    Tuesday, January 20, 2015 5:43 AM
  • Thanks Frank, we tried by importing the adm template and it seems to work. We need to test this thoroughly with few more xp systems.
    Tuesday, January 20, 2015 5:46 AM