Forum Discussion

perty1976's avatar
perty1976
Copper Contributor
Aug 21, 2022
Solved

Can't restore access to USB storage device

Good evening, I have a problem restoring access to USB archive in devices managed by intune.
I insert a new user in the OU excluded from the policy that blocks USB storage device. Until now the user had access to them.
Obviously this does not restore the access, I have to do it.

I changed the registry value

HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\System\AllowStorageCard to 1

and I checked that there are no values in the key

HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevice

When I insert a USB storage the icon appears, I see that it is in FAT32 or NTFS format but if I explore the content it tells me that I have to insert a USB device.

What do I need to change to restore access to USB storage device?

Intune
usb block
  • NielsScheffers's avatar
    NielsScheffers
    Aug 23, 2022

    perty1976, I think you must use the OMA-URI method, as that is (kind of) how it was set, so the tattoo is in there. Simply changing the registry (via regedit) may not yield results.

8 Replies

Sort By
  • NielsScheffers's avatar
    NielsScheffers
    Iron Contributor
    Aug 22, 2022

    Hi perty1976! Unfortunately, like you've noticed, this configuration is tattooed on the device (it's not removed when unassigned, it just isn't enforced anymore).

     

    When you say you already "changed the registry value", did you do it manually or via OMA-URI (./Device/Vendor/MSFT/Policy/Config/System/AllowStorageCard = (integer) 1)? The latter should work. It requires a restart, though.

     

     

    • perty1976's avatar
      perty1976
      Copper Contributor
      Aug 22, 2022

      Hi NielsScheffers 

      Thank you Durrante  the article was one of those I referred to. 

       

      When AllowStorageCard = 0  

       

       
       
      But when AllowStorageCard = 1 

       

       

      And the storage device is connected 

       

       

      Yes, when I change registry key I restart my notebook and I am trying with different storage devices. 

       

      I change registry settings manually by regedit as local admin. 

       

      Now the configuration to disable USB is for all autopilot devices but my is in a filter for exclusion and my user is in a OU in excluded group. 

      • NielsScheffers's avatar
        NielsScheffers
        Iron Contributor
        Aug 23, 2022

        perty1976, I think you must use the OMA-URI method, as that is (kind of) how it was set, so the tattoo is in there. Simply changing the registry (via regedit) may not yield results.

Resources