Email: helpdesk@telkomuniversity.ac.id

This Portal for internal use only!

All Categories

All Categories

Search

0 Wishlist

Cart

Categories
More Categories Less Categories

iconTicket Service Desk

All Categories

All Categories

Search

0 Wishlist

Cart

Menu
Home/Microsoft/Blocking USB slots in Intune

Blocking USB slots in Intune

/ 2024-08-02 / Microsoft

Dear Reader, 

because of security reasons, I want to block all the USB slots of our clients.

On different websides I was told to go to    Intunes –  Devices – Windows – Configuration    and create a new “GPO” policy  by choosing an administrative template called “prevent installation of devices not described….” and include the user group. In a second step I need to exclude all the hardware I do not want to be blocked, like keyboard, mouse….  

But after all that doesn´t seem to work.

After waiting a few hours, in hope the test client would drag the “GPO”, I could still use my own USB Stick. (Btw: is there a way to synchronise instead of waiting? Like the old gpupdate /force in cmd? and without the “synchronise” in the company portal?)

 

After that fail, I did the same in Endpoint security and that works fine. All the USB slots are  locked. 

So was it just a wrong infromation to do it with a configuration profile?  

Where is the difference between configuration profile and endpoint security? 

 

In a next step I want to lock down USB in booting the PC as well. Is that possible? 

Thanks a lot for any hint. 

Have a nice day. 

Hilmar

​Dear Reader, because of security reasons, I want to block all the USB slots of our clients.On different websides I was told to go to    Intunes –  Devices – Windows – Configuration    and create a new “GPO” policy  by choosing an administrative template called “prevent installation of devices not described….” and include the user group. In a second step I need to exclude all the hardware I do not want to be blocked, like keyboard, mouse….  But after all that doesn´t seem to work.After waiting a few hours, in hope the test client would drag the “GPO”, I could still use my own USB Stick. (Btw: is there a way to synchronise instead of waiting? Like the old gpupdate /force in cmd? and without the “synchronise” in the company portal?) After that fail, I did the same in Endpoint security and that works fine. All the USB slots are  locked. So was it just a wrong infromation to do it with a configuration profile?  Where is the difference between configuration profile and endpoint security?  In a next step I want to lock down USB in booting the PC as well. Is that possible? Thanks a lot for any hint. Have a nice day. Hilmar  Read More

Tags:

Related posts

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data
2024-11-14

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data

Microsoft introduces new adapted AI models for industry
2024-11-13

Microsoft introduces new adapted AI models for industry

IDC’s 2024 AI opportunity study: Top five AI trends to watch
2024-11-13

IDC’s 2024 AI opportunity study: Top five AI trends to watch

Leave a Reply

Your email address will not be published. Required fields are marked *

Adobe
Google for Education
IBM
Matlab
Microsoft
Wordpress
Visual Paradigm
Opensource

Portal Application Package Repository Telkom University, for internal use only, empower civitas academica in study and research.

Information

Contact Us

Copyright © Telkom University. All Rights Reserved. ch