The phone wasn't connected to the terminal at all and the policy rule with the definition has been set in place.
But once the phone was connected to the desktop, the desktop actually registers the device and installs the driver and allowing user to transfer photos and also being to charge.
Also, i have set the device class to be blocking imaging devices and also, Windows portable device (which supposingly should be mass storage device).
I'm currently using a plug and play definition and rule.
Please advise as the first instance should block the phone connection directly instead of letting it run the driver and installing it instead.
Thanks for the reply.
For the plug and play definition, I'm trying to block off all the Apple products that are trying to be plugged into the desktop.
Thus, my settings were set as according:
bus type: USB (using cable)
device class: imaging devices, windows portable device (two boxes that I've ticked)
device name: Apple (partial match, because some products may appear as iPod or iPhone or iPad)
Are there other parameters that I would need to consider?
Would there be another alternative way to block off personal smart phones such as iPhones other than the below stated?
Plug and Play device definition 1:
- bus type: USB
- device class: imaging devices, windows portable device
- device name: Apple (partial match)
- vendor ID: 05AC (Apple)
- device ID: blank as it works to block off the iPhones on the second instance
Plug and Play rule A creation:
- To include the above definition, block (online/offline) and to apply to the user group
Would a plug and play device rule be sufficient to block off entirely or is there like another device rule that I have left out on my side.
Do we need to have a rule for removable storage device or any other rules needed?
On our end we are still trying to test out the various rules/definitions for other aspects such as thumbdrives and such.
I have seen somewhat of the opposite at my company. We want to allow reading from devices and charging. When I first connect an Android device, I get a popup warning as expected, and I am unable to save to the device but it charges. However, upon the second detection, the device is detected as a Windows Portable Device, and I am able to save files to it. If I enable a PnP rule, the device is blocked completely on the second detection and does not charge, but I am unable to see files at all.
So it seems that there is an issue with the double detection, and I am unable to configure a rule to work. I want to use a Device Detection, but I have tried a number of parameters, and none work. When the device comes in as a Portable Device, it seems that a PnP is the only thing that will work, but it does a complete block.