how to block usb in active directory for users or computers

hello

after searching whole internet for a tutorial to block usb devices in active directory i found that non of them are actually work because in all of them they said to

“enable (* removable access * deny) in computer config/administrative templ

and link existing gpo to USER or OU

then run gpoupdate /force command in both server and client

and poof not working

because they point to enable usb blocking in computer config so then we shoud link gpo to comuter instead of users

while doing that make usb blocking work perfectly but also block usb for every user on that particular computer included administrators

so what to do to block usb for users instead of computer?sample just:

enable gpo in user config/ instead

 

also if your AD functional level is windows server 2000 the android smartphone and other portable device is still have accessable to avoid that you need to raise it to 2012 r2.

be notice with that windows xp and older mashine maybe stop working in AD

 

GOOD LUCK

 

6 فکر می‌کنند “how to block usb in active directory for users or computers

  1. DemiTass

    Howdy just wanted to give you a quick heads up.
    The text in your content seem to be running off the screen in Opera.

    I’m not sure if this is a formatting issue or something
    to do with browser compatibility but I thought I’d
    post to let you know. The style and design look great though!
    Hope you get the issue fixed soon. Many thanks

پاسخ دهید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *