Wow, that was so simple that I could not think of it. Thanks for thinking "outside the box" or, rather "inside the box" in this case :-)
DL Meade, CNE, MCP Network Administrator Frankfurt-Short-Bruza www.fsb-ae.com <http://www.fsb-ae.com> -----Original Message----- From: Andrew Duey [mailto:[EMAIL PROTECTED]] Sent: Friday, July 05, 2002 11:14 AM To: NT 2000 Discussions Subject: RE: Lock out USB mass storage devices? How about removing the USB ports? Many computers have the front USB ports on a ribbon cable which could be removed from the case and moved inside the computer. Then you can run the USB keyboard & mouse connections INSIDE the case. This way you would still have USB but just not externally accessible. You could either disable the others via the BIOS or superglue them out of service. --Andrew Duey, MCSE -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Meade, Devin Sent: Tuesday, July 02, 2002 4:11 PM To: NT 2000 Discussions Subject: Lock out USB mass storage devices? Group, Is there anyway to lock out the ability to put a USB compact flash reader in on W2K Pro? We will be using optical mice and keyboards that are USB so I can't globally disable USB. I tried stopping the removable storage service but I could still read a compact flash SANdisk through the "removable disk" node. I am trying to ensure that users can't attach anything to the usb port and copy Gigs of data from or to our network - like a cf card or for that matter a USB cd burner. FYI - we are applying the basicws security template and the users will NOT be power users or administrators. I did not see anything that jumped out in the Security Configuration and Analysis MMC. Any thoughts? DL Meade, CNE, MCP Network Administrator Frankfurt-Short-Bruza www.fsb-ae.com ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
