Check the "Microsoft-Windows-DeviceGuard/Operational" log for events related to the enforcement of the attack surface reduction rules.
Look for events with Event ID 1121 or 1122, which indicate the blocking of a process or file.
Also, check the "System" log for any related errors or warnings.
- The provided configuration "Storage RemovableDiskDenyWriteAccess 0 1 device 83AF4780-92A8-44A1-9EFD-63B38B2173C6=1" indicates that the policy is enabled (value 1) for the specific device ID.
- Verify that the same configuration is present on the non-working devices. If it's missing or has a different value, it could explain why the policy is not effective on those devices.