Hi Darren,
Thanks for the response. Yeah, I saw that KB article and noticed it was only on a per computer basis and that's when I turned to the group here for a bit of assistance. I'll check out the 3rd party companies you recommended and go with one of them if it turns out to be necessary. I appreciate your help. ~Ben From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, December 13, 2006 8:56 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Lockdown CD-ROM access for some Ben- You might want to consider one of the 3rd party solutions for this. There are several on the market that both use and don't use Group Policy to implement lockdown. Check out Securewave and DesktopStandard, among others. If you don't have a budget, then there is a policy hack you can use to just disable the CD device driver altogether. This would be on a per computer basis though-not per user. See the following KB for details: http://support.microsoft.com/kb/555324 Darren From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Wednesday, December 13, 2006 7:36 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Lockdown CD-ROM access for some I have been given a task for our secured environments (by secured, I mean government clearances required) to develop a means to lock down access to the CDROM drive at a user based level. They want most users to be restricted from using the CDROM drives in anyway, but allow a certain security group the ability to have full use of their CDROM drives. As far as I can tell, there is not a group policy that allows for this type of granular lockdown of the devices. Any suggestions on how to best tackle this? Information simply cannot leave these secured environments, and they no longer want users to have unfettered access to CD/DVD burners. The drive letter of the CD drives may not always be the same, in fact some machine's drive letters may vary wildly. Thanks, ~Ben
