0
I want use windows policy setting to limit access to removable media.
This can be done by setting
[HKEY_USERS\<uid>\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices]
"Deny_All"=dword:00000001
for limiting a specific user
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices]
"Deny_All"=dword:00000001
for all users on the machine.
I'm looking for a method to limit all users, with the exception of one specific local user. However, the limitation appears to be additive - there is no way (that I know of) to define an exception for a specific user.
Is there some kind of alternative?
disabling removable media access in the machine level (in HKEY_LOCAL MACHINE), and allowing removable media access to a specific user doesn't work. blocking each other user does work, but it's problematic with domain users (there might be many users in the domain) – Ophir Yoktan – 2011-06-24T20:22:30.520
@Ophir Yoktan I never said do it for HKLM...do it all for current each user with the appropriate permission, then set it up so any future users get the default profile, with the permission denied. – KCotreau – 2011-06-24T22:17:54.473