Allow non-power users to “safely” eject removable media.

pts.
Tags:
DataCenter
Management
Microsoft Windows
Networking
OS
Security
Servers
SQL Server
Does anyone know a way in which I can allow out public computer users the ability to safely remove their flash media drives? I found a setting in group policy, but I can only allow admins or power users. I do not want to make the public user a power user on the local machine. The clients are WinXP Pro and the server is Win 2003. I am running a domain with Active Directory.

Answer Wiki

Thanks. We'll let you know when a new response is added.

I had the same situation. I wanted school students to be able to remove their USB drives without giving them rights. Here is what I did:

  1. Create a shortcut named ?Safely Remove Hardware? with the target location of %windir%System32RUNDLL32.EXE shell32.dll,Control_RunDLL hotplug.dll
  2. Place the shortcut on your start menu (network or local)
  3. Open your User Policy and go to Administrative Templates/Control Panel. Change the setting ?Prohibit access to the Control Panel? to ?Not configured?.
  4. Change the ?Show only specified Control Panel Applets? to ?Enable? then click the Show button, click the add button and type in sysdm.cpl.

Step #4 only allows them to run the applet not get into the control panel itself.

Hope this helps, Toby

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Spadasoe
    per Sandisk: These steps are not required for Windows XP. Use the "Safe to Remove Hardware" hotplug icon in the notification area ofthe taskbar to safely remove the device before unplugging. I have not had any loss of data or corruption when just unplugging. Just make sure any apps running from the drive are stopped, any data copy is completed.
    5,130 pointsBadges:
    report
  • Imazing
    FYI, I have had a number of users corrupt data by just unpluging flash drives. It took aout a 6 monthes to a year but it did happen and when it happened they were not happy. Luckly I was able to retrieve must of the data.
    0 pointsBadges:
    report
  • Skepticals
    spadasoe, The problem I face is with the public users. I do not have the time nor energy to show each and every one of them documentation that says they do not have to safely remove the hardware. I myself, generally do not use it. I think you were telling me to use: Use the "Safe to Remove Hardware" hotplug icon in the notification area ofthe taskbar to safely remove the device before unplugging. But, they do not have access to this. It says that they do not have permission to eject the media. That is the problem.
    0 pointsBadges:
    report
  • Mortree
    Place a banner on the background if necessary and Set rights to Adminsitrators and Interactive Users on this item. Intereactive users includes normal users. Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options Determines who is allowed to format and eject removable NTFS media. This capability can be given to Administrators, Administrators and Power Users, or Administrators and Interactive Users. Of course it would be even safer if your application copies only from a particular directory to Flash media then ejects using encrypted secondary credentials. Various programs exist to enable elevated credentials for such scripts/applications http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1069341,00.html
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following