Normally in Windows 2000/XP only administrators have sufficient rights to install new hardware on a machine, but PnP provides a way around that in some cases. This is because there are two ways in which PnP can install new hardware: server- or client-side installation. To prevent ordinary users from being able to install PnP devices, you can delete the Driver.cab file, which contains all of the device drivers included with your release version of Windows. This file is found in the C:\Windows\Driver Cache\I386 folder on a desktop system, but it's a hidden file so you have to change your folder options to view it. If you delete this file on a user's machine, then when a user connects a new device to his or her machine and the PnP Manager starts the install process, it won't find a driver locally and will prompt the user for administrator credentials to complete the installation. If you've kept your system patched and up to date with the latest service pack then also be sure to delete the sp*.cab file found in the same folder because this file also contains drivers for supported devices.
- Admin KnowledgeBase
- Articles & Tutorials
- Authors
- Blogs
- Free Tools
- Hardware
- Message Boards
- Newsletters
- RSS
- Software
- White Papers
- Admin Tips
- Windows Server 2008/2003/2000/XP/NT Administrator Knowledge Base
- Windows XP
- Admin Tips
- Security
- Prevent Ordinary Users From Installing Devices
- Security
- Admin Tips
- Windows XP
- Windows Server 2008/2003/2000/XP/NT Administrator Knowledge Base
Enhance security by preventing ordinary users from being able to install devices.
Latest tips by Mitch Tulloch
Article not looking right or info is missing? Let us know so that we can fix it: .
Featured Links*
Become a WindowsNetworking.com member!
Discuss your network issues with thousands of other network administrators. Click here to join!
Featured Products
