I am trying to work on a fixlet which will disable the writing functionality if any system contains a CD or a DVD writer.
I came across one published by Microsoft,
Relevance:
(exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” whose (value “allocatedasd” of it != “2”) of registry) OR (exists key “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer” whose (value “NoCDBurning” of it != “00000001”) of registry)
I don’t know about the details of disabling all CD burning software, but I do see a problem with the your code that, if fixed, may make the above achieve your goal. The problem is with accessing the HKEY_CURRENT_USER branch. The client runs as SYSTEM, so the current user context for the client is not the same as the logged on user.
See this thread for info on how to read and set keys in HKEY_CURRENT_USER:
This mentions about the CD recording tab which contains the option to “enable CD recording on this drive” which is checked by default. I am trying to locate the value wherein I can restrict the burning functionality using any third party software…Any suggestions
I did some Googling on this and it looks like this is not a normally configurable item in Windows. You can use the GP setting to disable the Windows built in burning ability but this does not restrict 3rd party burning software.
I did find a hack that might work for you. It’s not a Microsoft Approved approach and might have unexpected side effects but it could be what you are looking for.
Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\IDE+drive++device string+\Device Parameters\Imapi change the EnableImapi reg value from 1 to 0 for the drive where you want to disable CD Burning.
Relevance to find this might look something like this:
q: (value “FriendlyName” of it as string & " – " & value “EnableImapi” of key “Device Parameters\Imapi” of it as string) of keys whose (exists key “Device Parameters\Imapi” whose (exists value “EnableImapi” of it) of it) of keys of key “HKLM\system\CurrentControlSet\Enum\ide” of registry
Try it manually first on a few test machines to make sure it does what you wanted it to do. If it works as desired, we can work the problem together to get this all into a robust fixlet.