HP ProBook 4525s HP ProtectTools User Guide - Windows XP, Windows Vista, Windo - Page 93
Device Access Manager for HP ProtectTools, Device Access Manager - reviews
View all HP ProBook 4525s manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 93 highlights
Device Access Manager for HP ProtectTools Users have been denied access to devices within Device Access Manager, but the devices are still accessible. ● Explanation-Simple Configuration and/or Device Class Configuration have been used within Device Access Manager to deny users access to devices. Despite being denied access, users can still access the devices. ● Solution: ◦ Verify that the HP ProtectTools Device Locking service has started. ◦ As an administrative user, click Control Panel, and then click System and Maintenance. In the Administrative Tools window, click Services, and search for the HP ProtectTools Device Locking/Auditing service. Be sure that the service is started and that the startup type is Automatic A user has unexpected access to a device, or a user is unexpectedly denied access to a device. ● Explanation-Device Access Manager has been used to deny users access to some devices and allow users access to other devices. When the user is using the system, they can access devices they believe Device Access Manager has denied and are denied access to devices they believe Device Access Manager should allow. ● Solution: ◦ Use the Device Class Configuration within Device Access Manager to investigate the user's device settings. ◦ Click Security Manager, click Device Access Manager, and then click Device Class Configuration. Expand the levels in the Device Class tree and review the settings applicable to this user. Check for any "Deny" permissions that may be set on the user or any Windows Group of which they may be a member, e.g., Users, Administrators. Allow or deny-which takes precedence? ● Explanation-Within Device Class Configuration, the following configuration has been set: ◦ The Allow permission has been granted to a Windows group (e.g., BUILTIN\Administrators) and the Deny permission has been granted to another Windows group (e.g., BUILTIN\Users) at the same level in the device class hierarchy (e.g., DVD/CD-ROM Drives). ◦ If a user is a member of both those groups (e.g., Administrator), which takes precedence? ● Solution: ◦ The user is denied access to the device. Deny takes precedence over Allow. ◦ Access is denied because of the way in which Windows works out the effective permission for the device. One group is denied, and one group is allowed, but the user is a member of both groups. The user is denied because denying access is given precedence over allowing access. Device Access Manager for HP ProtectTools 85