[gptalk] ADM problem

  • From: "Gray Troutman" <jgraytroutman@xxxxxxxxx>
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Tue, 22 Aug 2006 09:34:12 -0500

Hey folks,
I've implemented a few custom ADMs without any difficulty.  I have one,
however, that doesn't seem to want to work properly.  It's one I found it
over at thelazyadmin.com.  The ADM is supposed to disable write access to
USB devices.  When I manually create the key and dword, everything works
fine, but when I try to implement it through a GPO, it creates the key and
dword, but doesn't place the appropriate value (1) into the registry.  Here
are the contents of the ADM:

CLASS MACHINE
CATEGORY "Removeable Storage Write Access"
POLICY "USB Write Access"
 KEYNAME "SYSTEM\CurrentControlSet\Control\StorageDevicePolicies"
  VALUENAME "WriteProtect"
  VALUEON NUMERIC 1
  VALUEOFF NUMERIC 0
END POLICY
END CATEGORY;

As an additional note, I'll mention that this is the only machine specific
policy I'm trying to enforce within this GPO, everything else is on the user
side.  I had thought that maybe I had instituted a policy that was keeping
the key from being generated, but everything show up except for the
appropriate value.

Thanks in advance,
Gray

Other related posts: