0
I wan't to set up windows policy definitions (specifically, block access to removable media) to service users.
For a regular user, I use the following definition in the registry:
[HKEY_USERS\<uid>\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices]
"Deny_All"=dword:00000001
but service users don't have a registry hive - so there's no where to perform this definition.
Is there a method to apply a policy (or other user specific registry setting) to a service user?
I mean both these users, but also user defined users which are used to run services – Ophir Yoktan – 2012-02-20T08:56:36.950
For any user, you're going to need to have their NTUser.dat open. Either log in as that user (if it's a "normal" user account) and go to HKEY_CURRENT_USER\Software\Policies... or mount their NTUser.dat as described. – Patrick Seymour – 2012-02-20T22:22:45.553