Normally in Windows 2000/XP only administrators have sufficient rights to install new hardware on a machine, but PnP provides a way around that in some cases. This is because there are two ways in which PnP can install new hardware: server- or client-side installation. To prevent ordinary users from being able to install PnP devices, you can delete the
Driver.cab file, which contains all of the device drivers included with your release version of Windows. This file is found in the C:\Windows\Driver Cache\I386 folder on a desktop system, but it's a hidden file so you have to change your folder options to view it. If you delete this file on a user's machine, then when a user connects a new device to his or her machine and the PnP Manager starts the install process, it won't find a driver locally and will prompt the user for administrator credentials to complete the installation. If you've kept your system patched and up to date with the latest service pack then also be sure to delete the
sp*.cab file found in the same folder because this file also contains drivers for supported devices.