

1. In the Device Manager list, double-click the device.
2. In the device's Properties dialog box, on the Details tab, select the Device ID (on Windows XP) or Device Instance Path (Windows Vista or 7).

In case of difficulties in finding the correct Device ID for building the rule, remember that in DevViewer you can change the View Style to "View devices by connection", which may help, particularly when troubleshooting USB exclusions.

Add the Hardware Device into SEPM policy:

1. In the upper left corner of the console, under the View Policies section, click Policy Components to expand the sub-list.
2. Under Policy Components, select Hardware Devices.
3. Under Tasks, select Add a Hardware Device.
4. Type in the Name to identify the device (example: Administrator's USB Flash drive).
5. Select the Device ID option, click in the text box and use CTRL-V to paste the Device ID copied from the DevViewer tool.

Add Disk Drives and the Hardware Device to allow to the Devices Excluded From Blocking list:

1. In the SEPM, under View Policies, select Application and Device Control.
2. Right-click the appropriate Application and Device Control Policy and select Edit.
3. Select (check mark) "Block writing to USB drives" and select Edit.
4. Select "Block writing to all files and folders"; under "Do not apply to the following files and folders", select Add.
5. Under "File or Folder Name To Match" enter a * (an asterisk).
6. Select (check mark) "Only match on the following device id type" and press Select.
7. Select (highlight) the device added to the hardware list (the unique USB device added previously) and press OK.
8. Press OK to close windows until you are at the "Application and Device Control Policies" window of the SEPM.
9. Select the group to assign the edited policy to.

When the clients get the new policy, they may need to be rebooted for the policy to work correctly. If so, there will be a notification message on the client that a reboot is necessary for the new policy change, and the client will be listed in the Reboot Required logs in the SEPM.

1. Right-click the Application and Device Control Policy and select Edit.
2. Under the Blocked Devices section, click Add, select USB and click OK.
3. Under Devices Excluded From Blocking, click Add. (If Disk Drives isn't listed, it is already added as a Blocked Device.)
4. Select Human Interface Devices and the devices to restrict one of its functions.
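
The exclusion is only as specific as the Device ID / Device Instance Path pasted into the Hardware Devices list. The following is an added example, not part of the original procedure or of Symantec's tooling: it parses a USB mass-storage instance path and flags IDs that do not carry a unique serial number. The `USBSTOR\...` layout, the function names and the sample IDs are assumptions constructed for illustration.

```python
import re

# Assumed layout of a Windows USB mass-storage Device Instance Path:
#   USBSTOR\<type>&Ven_<vendor>&Prod_<product>&Rev_<rev>\<instance id>
USBSTOR_RE = re.compile(
    r"^USBSTOR\\(?P<type>[^&\\]+)&Ven_(?P<vendor>[^&\\]*)"
    r"&Prod_(?P<product>[^&\\]*)&Rev_(?P<rev>[^&\\]*)\\(?P<instance>[^\\]+)$",
    re.IGNORECASE,
)


def parse_device_id(device_id):
    """Split a USBSTOR instance path into fields; return None if it is not one."""
    m = USBSTOR_RE.match(device_id.strip())
    if m is None:
        return None
    info = m.groupdict()
    instance = info["instance"]
    # When a drive reports no serial number, Windows generates the instance id
    # itself; such ids have '&' as their second character and depend on where
    # the drive is plugged in, so they do not identify the drive elsewhere.
    info["has_serial"] = not (len(instance) > 1 and instance[1] == "&")
    # A real serial is followed by "&<n>"; strip that suffix for reporting.
    info["serial"] = instance.rsplit("&", 1)[0] if info["has_serial"] else None
    return info


def review_device_id(device_id):
    """Return warnings to resolve before the id is used in an exclusion."""
    info = parse_device_id(device_id)
    if info is None:
        return ["not a USBSTOR device instance path"]
    if not info["has_serial"]:
        return ["no unique serial number: id is generated per port/host"]
    return []


# Constructed sample ids (not taken from real devices).
SAMPLES = [
    r"USBSTOR\Disk&Ven_Kingston&Prod_DataTraveler_3.0&Rev_PMAP\AA00000000001234&0",
    r"USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\7&2f4a1c3b&0",
    r"USB\VID_0951&PID_1666\AA00000000001234",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", review_device_id(sample) or "ok")
```

An ID that produces a warning is worth re-checking in DevViewer before it is added to the Hardware Devices list.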


