Share via

Allow installation of devices that match any of these device ids GPO Wildcard

Alex Carter 1 Reputation point
2022-01-25T11:48:06.927+00:00

i'm currently creating a company wide GPO to only allow listed hardware IDs to install on client machines.

the trouble with this is the sheer amount of hardware IDs

i've tried using wildcards that are apparently supported but they don't seem to work

e.g
USB\VID_413C&PID_301A&REV_0100 - works fine and lets device install

  • USB\VID_413C&PID_301A*
  • USB\VID_413C&PID_301A&*
  • USB\VID_413C&*

ive tried different ways of displaying the wildcard, like between quotes or apostrophes but nothing. anyone got any tips here?

thanks in advance

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,997 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,496 Reputation points
    2022-01-25T20:56:10.417+00:00

    Hello @Alex Carter

    Yes you can.

    For Device ID we also we support the use of wildcards "" and "?":
    • Asterisk (    ) means zero or more of any character
    • Question mark (?) means a single character of any value

    Examples:
    • Any USB storage device: USBSTOR*
    • Any USB disk: USBSTOR\DISK*
    • Any USB SanDisk drive: USBSTOR\DISK&VEN_SANDISK*
    • Specific SanDisk device: USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0

    Hope this helps with your query,

    --------
    --If the reply is helpful, please Upvote and Accept as answer--

  2. Mike Nagy, LYME 0 Reputation points
    2024-06-21T16:52:32.9933333+00:00

    I am having the same problem using Local Group Policy Editor setting a policy using Device IdsThis works

    USB\VID_0B95&PID_1790

    This does not

    USB\VID_*

    0 comments