Video Screencast Help

Need to block USB on Safe Mode/ Safe Mode with networking

Created: 29 Dec 2011 • Updated: 29 Dec 2011 | 25 comments

Hi- I have blocked the USB through Symantec Policy but this Policy/SEP not working on safe mode. Kindly provide any resolution to sort out.

 

Pls help.

Comments 25 CommentsJump to latest comment

la_ripper's picture

Policy would not work in safe mode.

Don't forget to mark your thread as 'solved'  or vote with the answer that best helped you!
 

Mithun Sanghavi's picture

Hello,

Auto-Protect would not run in Safe Mode and so does the Application and Device Control.

If the mass storage device is on the network and you did not choose Safe Mode with Networking, then you will probably not be able to get to it. This has nothing to do with SEP.

The Application and Device control drivers will automatically disable themselves in the event that they see they are running in safe mode.

Also check this Thread:

https://www-secure.symantec.com/connect/forums/application-and-device-control-not-working-under-safe-mode

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Sumit G's picture

If I am running in Safe Mode with Networking then this Service will work?

Regards

Sumit G.

Mithun Sanghavi's picture

Hello,

Is the mass storage device on the network?

I believe you are talking about USB, isnt' it??

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Sumit G's picture

My Requirement is I need to disable the USB when I will be on Safe Mode with Networking. Because in our Network some of the user can access the Song/Video after running the System in Safe Mode with Networking.

Regards

Sumit G.

Mithun Sanghavi's picture

Hello,

Well, in that case, only thing you can do is to restrict their access to  Safe mode / Safe Mode with Networking with a Password.

Contact Microsoft for the same.

You can also check this:

http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/e9baae2d-7cbe-4109-a90b-7886b48007c4

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Sumit G's picture

it's mean that any one can access the usb device to restart with safemode. so there is not any benefit of application and control service under safemode

Regards

Sumit G.

Sumit G's picture

But One of my old branch this option is working through the SEPM..

I had logged in Safe Mode but not able to Acess the USB there.

Regards

Sumit G.

Sumit G's picture

Hi Yesterday I have make some changes in the registry.

I have copied the folder of Symantec

Path- Hkey local machine\currentcontrolset\services\symantec

and paste it in the below path

Path- Hkey local machine\currentcontrolset\Safeboot\Network

then restart the system and open threw Safemode with networking it's working. Pendrive and all block drive showing blocked there.

But that is not permanent and solid solution. So pls help me to make it possible.

Regards

Sumit G.

W007's picture

Hi

Have you issue sorted with this mention setting.?

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Jason1222's picture

What version of Windows are you running?

Windows Vista/7 or Windows XP?

32 bit or 64 bit?

Sumit G's picture

Problem is still..

Windows Vista/7 or Windows XP with 32 bit

Regards

Sumit G.

W007's picture

Hi

Disable Safe mode..

http://forums.techarena.in/operating-systems/1173908.htm

 

http://www.pcreview.co.uk/forums/disable-f8-and-safe-mode-windows-xp-boot-up-t145891.html

http://forum.thewindowsclub.com/windows-7-management-support/30836-how-enable-disable-safe-mode.html

Block Removable Device..

this is not possible through SEPM you can try to Group policy,

You can try this Step.

 

Run -> GPMC.MSC ->Create new GPO Policy->Edit ->Computer Configuration ->Policies ->Administrative Templates->System /Removal Storage Access and select setting.

http://support.microsoft.com/kb/555324

 

 

 

 

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Sumit G's picture

Hi Manish,

 

    I know it not possible through SEPM ADC, But I want the same setting on SEPM also. Because our company using SEPM basically for the ADC policy. If it not working in Safe Mode/ Safe Mode with n/w then our senior will be update the requriement to change it.

Regards

Sumit G.

Ashish-Sharma's picture

HI Sumit,

Please Ask you seniors if this policy may be work you are IT team will be not complete all troubleshooting part in Safe mode.

One more all Symantec policy applied after your system are running.It's not working in Safe mode.
 

 

 

Thanks In Advance

Ashish Sharma

 

 

la_ripper's picture

 

 

Hello Sumit,

 

The ADC policy would not work in safe mode since most of the drivers are disabled in this mode. 

We understand your requirement is to block ADC in safe mode in networking since its a concen that users may misuse it. Looking from the IT point of view safe mode in networking the users can make many more changes apart from ADC so its best to eduated ur seniors to first block access of safe mode with networking which also take care of the ADC and the other changes which users may do . 

 

Don't forget to mark your thread as 'solved'  or vote with the answer that best helped you!
 

Sumit G's picture

Hi- I have make some changing in the registry, now smc service is working in Safe Mode with n/w but. Policies are not working there. So can anyone guide me how the connection b/w smc.exe and ADC policy

Regards

Sumit G.

pkyadav's picture

Hi All,

In sep 11.x, sep work in safe mode and ADC policy also work in safe mode....but in sep 12.1 its not working in safe mode...but safe mode with networking it works......

Also its a very big drawback of SEP 12.1, that it not work in safe mode....coz if user can access the usb in safe mode then he can steel the ofc data............so whats the use of sep and ADC policy......why we use sep??????

Sumit G's picture

There is not any closer found to resolve this issue

Regards

Sumit G.