Sign in to follow this  
Followers 0
plastix

Detect Share / Group Policy File Rights

6 posts in this topic

Hi all.

Restricting access by Group Policy etc to UsbStor.inf / UsbStor.pnf can prevent the use of USB drives.

The presence of these files doesn't tell you whether the current user can use usb drives on the system... is there any means of detecting this type of protection / management ? I've looked at FileGetAttrib and the extended file property thread, but can't see anything that would help.

TIA :whistle:

Share this post


Link to post
Share on other sites



Hi all.

Restricting access by Group Policy etc to UsbStor.inf / UsbStor.pnf can prevent the use of USB drives.

The presence of these files doesn't tell you whether the current user can use usb drives on the system... is there any means of detecting this type of protection / management ? I've looked at FileGetAttrib and the extended file property thread, but can't see anything that would help.

TIA :whistle:

Here's a couple of sites to check out:

tech-recipes.com

techtarget.com

Google and you'll find about a hundred more ways to do this...


Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

Thanks PaulIA

Actually, I've looked at many sites regarding 'how to' disable USB access etc - what I am after is a means of detecting whether these measures have been implemented on a given system from AutoIt.

Detecting whether the UsbStor service loading at startup has been disabled is easy enough reading the registry key... but I'm not sure how to go about detecting policy management on the files I mentioned previously - that's what I'm after.

Thanks again

Share this post


Link to post
Share on other sites

Thanks PaulIA

Actually, I've looked at many sites regarding 'how to' disable USB access etc - what I am after is a means of detecting whether these measures have been implemented on a given system from AutoIt.

Detecting whether the UsbStor service loading at startup has been disabled is easy enough reading the registry key... but I'm not sure how to go about detecting policy management on the files I mentioned previously - that's what I'm after.

Thanks again

Uh... you lost me. :whistle: There's a lot of different ways to disable the USB drives. You'd have to write just as many routines to detect this, right? ;)

Seriously, if you want to disable the USB drive, just use one of the methods outline above. It you're trying to detect if it's disabled, then can you elaborate on what you'd do next? Are you looking to re-enable access? Maybe if you're a little more clear on the end goal, we can help you out.


Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

Uh... you lost me. :whistle: There's a lot of different ways to disable the USB drives. You'd have to write just as many routines to detect this, right? ;)

Seriously, if you want to disable the USB drive, just use one of the methods outline above. It you're trying to detect if it's disabled, then can you elaborate on what you'd do next? Are you looking to re-enable access? Maybe if you're a little more clear on the end goal, we can help you out.

Sure. While detecting 'every' means of disabling USB devices is not feasible, I basically need to check for the user-management control of the UsbStor.inf file. This is part of a system audit to ensure compatibility with a number of systems (one of which runs from USB). If this is restricted, then the utility would email a datafile indicating that USB is disabled on a given system - this would enable this system to be 'skipped' until USB can be activated (if at all). The test systems do not belong to the company - flagging those that have various restrictions will avoid wasted trips to these areas until the restrictions can be lifted. Running this audit tool prior to a visit may reduce some time wasting. Hope that paints the picture a little.

Basically, those systems that have posed problems (as far as USB devices go) have either had the UsbStor service disabled, or the UsbStor.inf was locked - hence the interest in detecting the latter.

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Ah! Ok, I'm with you now. So, if a group policy is in effect that prevents the UsbStor.inf file from being read, can't you detect this by simply trying to open the file and read it?

Edited by PaulIA

Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0