Can't restore access to USB storage device

perty1976 · ‎Aug 21 2022

Good evening, I have a problem restoring access to USB archive in devices managed by intune.
I insert a new user in the OU excluded from the policy that blocks USB storage device. Until now the user had access to them.
Obviously this does not restore the access, I have to do it.

I changed the registry value

HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\System\AllowStorageCard to 1

and I checked that there are no values in the key

HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevice

When I insert a USB storage the icon appears, I see that it is in FAT32 or NTFS format but if I explore the content it tells me that I have to insert a USB device.

What do I need to change to restore access to USB storage device?

Durrante · ‎Aug 22 2022

Hi there, I have blogged about this before? Can you check your settings against the bonus tip section in this article: https://letsconfigmgr.com/block-usb-drives-microsoft-intune/

A restart is required so maybe that's the bit your missing?

NielsScheffers · ‎Aug 22 2022

Hi @perty1976! Unfortunately, like you've noticed, this configuration is tattooed on the device (it's not removed when unassigned, it just isn't enforced anymore).

When you say you already "changed the registry value", did you do it manually or via OMA-URI (./Device/Vendor/MSFT/Policy/Config/System/AllowStorageCard = (integer) 1)? The latter should work. It requires a restart, though.

perty1976 · ‎Aug 22 2022

Hi @NielsScheffers

Thank you @Durrante the article was one of those I referred to.

When AllowStorageCard = 0

But when AllowStorageCard = 1

And the storage device is connected

Yes, when I change registry key I restart my notebook and I am trying with different storage devices.

I change registry settings manually by regedit as local admin.

Now the configuration to disable USB is for all autopilot devices but my is in a filter for exclusion and my user is in a OU in excluded group.

perty1976 · ‎Aug 23 2022

@perty1976, I think you must use the OMA-URI method, as that is (kind of) how it was set, so the tattoo is in there. Simply changing the registry (via regedit) may not yield results.

perty1976 · ‎Aug 23 2022

Even with OMA-URI the result is the same.

Tomorrow I will try with another notebook. I hope it's only my notebook to have this problem!

perty1976 · ‎Aug 24 2022

New notebook, different user and same result.

https://docs.microsoft.com/en-us/answers/questions/156104/intune-usb-block-unabel-to-reverse-change....

And I'm not the only one.

AFRSM · ‎Sep 16 2022

Has there been any resolution to this? Experiencing the exact same issue

perty1976 · ‎Sep 16 2022

I applied the OMI-USI policy on 130 laptops and it applied correctly on more than 100. The other 30 slowly began to activate the usb ports and at the moment there are only 4 notebooks not being able to use the usb ports even if the policy has been set.

perty1976 · ‎Aug 23 2022

@perty1976, I think you must use the OMA-URI method, as that is (kind of) how it was set, so the tattoo is in there. Simply changing the registry (via regedit) may not yield results.

View solution in original post

Can't restore access to USB storage device

Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Re: Can't restore access to USB storage device

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Can't restore access to USB storage device