Allow Device Level Access to Remotely Logged On Users

Applies To: Windows Server 2008

You can use this procedure to give device-level access to remotely logged on users to the drives on a computer.

By default, users logged on to a computer remotely (for example, by using Terminal Services or Remote Desktop) do not have device level access to either fixed or removable drives. This means that they cannot format hard drives or USB flash memory drives, or write to CD or DVD recorders.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To allow device level access to remotely logged on users

1. Open the Group Policy Management Editor. To do so, click Start, and then in the Start Search box, type mmc gpedit.msc.

2. In the navigation pane, open the following folders: Local Computer Policy, Computer Configuration, Administrative Templates, System, and Removable Storage Access.

3. In the details pane, double-click All Removable Storage: Allow direct access in remote sessions.

4. Click Enabled.

5. Click OK to save your changes.

Additional considerations

• If you edit policy settings locally on a computer, you will affect the settings on only that one computer. If you configure the settings in a Group Policy object (GPO) hosted in an Active Directory domain, then the settings apply to all computers that are subject to that GPO. For more information about Group Policy in an Active Directory domain, see Group Policy (https://go.microsoft.com/fwlink/?LinkId=55625).