9.3 patch 1 came out and it claims it supports MTP. I loaded it up in my test environment and it still appears I need to have a plug and play rule that blocks all 'windows portable devices' in order to stop copying things to my Android Phone. Maybe I am missing something in the policy to add MTP as a removable storage device.... Still looking and I opened a SR. If I find anything I will post it here.
Here is the device I am trying to make read only via a RMSD rule: Android JB, HTC One. I connect via USB and it shows up as a Windows Portable Device which I can navigate and get to storage on the device. I was under the impression that this uses MTP and 9.3 P1 should be able to recognize this as such and apply removable storage rules to the device (like read only). As mentioned earlier in this thread I know I can block Windows Portable Devices via P&P rules, but that just blocks the entire device and I can't make it read-only. It's possible I'm just confusing this a bit; just so I am clear, where do you actually set MTP rules (or where do they get applied)? From the documentation it's not clear if something has to be modified in the policy or if it's something that is automatically detected. Thanks for any assistance.
Device Class GUID:
Device Class Name:
Device Compatible ID:
Device Instance ID:
I am trying to do something similar. I want to allow reading from devices and charging of phones, but I can't do it. A device detection rule will allow it, but it seems that there is a double detection with smartphones. The first uses the rule, the second shows the device as a Windows Portable Device and bypasses the device rule. A PnP rule will block this, but block it completely and not allow charging. It seems that there is no way to get what I need. I have tried numerous parameters on the rules, but nothing seems to work.
MTP rule is supposed to work with Removable Storage Protection rule and not with any Device Rules.
You can apply a rule to block all content being copied to all removable storage devices, and this will help you in achieving block of copying to MTP devices while allowing to charge them.
Ensure Portable devices handler is enabled.
Hope I could help
The way that MTP blocking has been implemented in 9.3.1 is nothing short of retarded.
We have RS rules in place that make Removable Storage on all bus types read-only with the exception of EERM-encrypted devices (and using EEFF to enforce encryption of USB media). This works beautifully for non-MTP RS. Now, because MTP is enforced via an RSPR and not a RSDR, blocking write access to this is impossible without affecting our EERM-encrypted devices. It just prevents writing content on all removable storage devices now, including our EERM-encrypted devices when the RSPR rule is in force.
Why is there no mechanism to exclude/include devices by definition in the RSPR rule or some way of differentiating between MTP and normal RS-based devices?
Anyone have any suggestions?
So if I understand this correctly....
You can make a device read-only that uses MTP via a Removable Storage Protection Rule.
You can NOT make a device read-only that uses MTP via a Removable Storage Device Rule.
If that is the case to the point above, if we have 'approved devices' there is no way to enable/disable the MTP Removable Storage Protection Rule to specific devices only.
Am I correctly interpreting how this works?