Disable and Enable USB Storage acces

Step 1: Enable Group Policy Auditing

· Launch the 'Server Manager'and open the Group Policy Management Console(GPMC).

· In the left pane, expand the 'Forest'and 'Domains' nodes to reveal the specified domain you want to track the changes for.

· Expand the domain a right click 'Default Domain Policy'.You can also choose a domain policy that is universal throughout the domain, or create a new GPO and link it to the Default Domain Policy.

· Click on 'Edit' of the desired group policy, to open up the Group Policy Management Editor.

· Expand 'Computer Configuration'-->Policies-->Windows Settings-->Administrative Templates-->System-->Removable Storage Access.

Double click the All Removable Storage classes: Deny all access policy. Select Enabled and click OK.

1. Close the Group Policy Editor

2. Restart the computer to apply the changes.

2. Disable Usb Drives in Registry Editor

This method works in all editions of running Windows 10, and it disconnects only USB drives, without affecting the mouse, keyboard, and printer connected via USB. Before editing the registry, it is recommended to create a system restore point.

Open Windows registry editor: in the search bar or in the menu to execute (run with the Win + R keys) enter the regedit command and press the Enter key.

How to use a Group Policy Object to block access to USB storage devices

In the modern workplace, just about every member of staff owns and uses at least one USB storage device. (In this article, “USB storage device” refers to any USB device that can store data, including, but not limited to, flash drives, external hard drives, smartphones, tablets, portable gaming devices, cameras and MP3 players).

However, the portability and widespread adoption of USB storage devices pose a significant security threat. For example, an employee could inadvertently connect an infected device to an endpoint, which may result in malware spreading to the company’s network. Alternatively, USB storage devices may be used to exfiltrate sensitive information or install unauthorized applications, which could lead to further security concerns.

Thankfully, Microsoft has made it relatively simple to block the use of unauthorized USB storage devices. In this article, we’ll show you the exact steps to disable USB storage devices using a Group Policy Object (GPO).

Note: To restrict access to external drives with a GPO, you need to be running Windows Server 2008 (or newer); on desktops, you need Windows Vista or newer. Older versions of Windows and Windows Server will need to use third-party tools to block access to external media, which are not covered in this article.

Apply a GPO to an organizational unit

Open the Group Policy Management Console (gpmc.msc).
Right-click on the organizational unit (OU) you want to apply the policy to and click Create a GPO in this domain, and Link it here.
Enter a name for the policy (e.g. Block USB Devices) and click OK.
In the Linked Group Policy Objects tab, right-click the policy you created in Step 4 and click Edit.
Navigate through the console tree to Computer Configuration > Policies > Administrative Templates > System > Removable Storage Access.
In the Removable Storage Access section, you’ll find a number of policies for a variety of storage devices. Policies include:
- CD and DVD: Deny execute access.
- CD and DVD: Deny read access.
- CD and DVD: Deny write access.
- Custom Classes: Deny read access.
- Custom Classes: Deny write access.
- Floppy Drives: Deny execute access.
- Floppy Drives: Deny read access.
- Floppy Drives: Deny write access.
- Removable Disks: Deny execute access.
- Removable Disks: Deny read access.
- Removable Disks: Deny write access.
- All Removable Storage classes: Deny all access.
- All Removable Storage: Allow direct access in remote sessions.
- Tape Drives: Deny execute access.
- Tape Drives: Deny read access.
- Tape Drives: Deny write access.
- WPD Devices: Deny read access.
- WPD Devices: Deny write access.
To deny access to all storage devices, double click All Removable Storage classes: Deny all access, tick Enabled and click OK. Once this policy is enabled, the system will detect when a USB storage device is connected and display an error message stating that the drive is not accessible and access is denied.

Apply a GPO to specific users

In the previous section, we blocked access to all removable media for all users within the selected OU. However, there are often situations where you’ll want to apply a GPO only to a specific group or groups. To do so:

Open the Group Policy Management Console.
In the navigation pane, find and select the GPO.
Click the Delegation tab.
Click Advanced.
Select Authenticated Users.
Scroll down to the Apply group policy permission and untick Allow.
Click Add, enter the name of the group you wish to apply the policy to and click OK.
Select the group you added in Step 7, scroll down the permission list to Apply group policy and tick Allow. The GPO will now only be applied to users who are in this group.

Exempt a group from a GPO

In other situations, you may wish to apply a GPO to an OU but still allow certain users (such as administrators) to be able to access USB storage devices. To do so:

Open the Group Policy Management Console.
In the navigation pane, find and select the GPO.
Click the Delegation tab.
Click Advanced.
Click Add, enter the name of the group you wish to exempt from the policy and click OK.
Select the group you added in Step 5, scroll down to the Apply group policy permission and tick Deny.
Click OK, and then click Yes if prompted by the Windows Security dialog box. The GPO will now not apply to users in this group.

DSC Errors and fix

Open a new tab and Type https://localhost:8020 and press enter

Ubuntu Printer instalation

Install HP LaserJet P1108 printer in Debian and Ubuntu

You can find that HP LaserJet P1108 does not work simply adding the printer with Ubuntu 16.04 and Debian 8. Installation of HP driver fails to install plugin file. You will get following error message

Install HP Printer packages

sudo apt-get install hplip hplip-gui

Check the version of hplip

dpkg -l hplip

Note down the version number. Download and install missing plugins match with the hplip version from the following link (The version number of the plugin should be same as hplip.)

https://www.openprinting.org/download/printdriver/auxfiles/HP/plugins/

The following command will install the plugin (give the exact name of the plugin)

sudo sh hplip-3.15.2-plugin.run

Run the following command to configure the printer.

hp-setup -i

User settings,

sudo adduser vimal lp

sudo adduser vimal lpadmin

Replace vimal with your user name.

The user can access further Printer settings in the following link in a browser;

http://localhost:631/

References

https://bugs.launchpad.net/ubuntu/+source/hplip/+bug/1476011

http://hplipopensource.com/node/306

Activate windows 10 and 11

EPFO DSC signing tool instalation

Java Download link

EPFO signer tool

If you are also not able to use your digital signature in EPF employer portal or software updating DSC details, then go through it carefully step by step to know how to use digital signature for PF effectively. Read the steps. So that you can easily approve KYC details of your employees.

Digital Signature Certificate (DSC)

What is Digital Signature Certificate (DSC)

A Digital Signature Certificate is a digital version of a paper certificate. It is used electronically to prove one’s identity, to access information or services on the Internet, or to digitally sign certain documents.

This certificate is used for e-filing of income tax return, GST e-filing, government online tendering etc.

What is Full Form of DSC

The full form of DSC is Digital Signature Certificate. DSC is a protected digital key provided by Certifying Authorities to verify and confirm the identity of the person holding such certificate. Public key authentication is used to create a digital signature.

DSC contains information about the user’s profile, pin code, country, email address, date of issue of the certificate and the name of the certifying authority.

New Update For DSC (Approved Only a Few Seconds)

A plugin has been made available by the government so that you will be able to get your dsc approved in a few seconds, then step-by-step process is given below.

Download

Download facility is available below in this article, wherever Digital Signature Service-based Digital Signature has been enabled, the link to download the same will be provided on the relevant screen.
The utility (EPFO_DSC_Signer_1.0.0.exe) can also be downloaded from the link given on the Unified Portal.

INSTALLATION

The Digital Signing Service utility has to be one time downloaded and installed on the client machine from which the Digital Signing is to be performed for facilities provided in the Unified Portal application for EPFO.
1. Double-click on the downloaded executable file to initiate the installation process. The digital signer Service setup wizard will be displayed, click on Next to continue.

2. On some PCs below warning may be shown. Click on More info

3. Click on Run anyway to continue with the installation process

4. To proceed further you will have to agree and accept the terms and conditions by selecting the I accept the agreement and then click on Next.

5. Select the directory for installation and click on Next.

6. To create a desktop icon and include the service in start menu click Next. It is recommended.

7. Select the folder for start menu shortcut

8. The application will start installing on your system.

9. Click on Finish to end the setup wizard. Icon for DSC utility will be created on desktop and start menu.

10. Double click on DSC Service icon to run the signing service. Now you are ready to sign.

BROWSER

Check whether the certificate is already imported into your browser post installation. To verify the same please follow the below process.

MOZILLA FIREFOX

· Go to Mozilla Firefox browser settings.

· Click on Privacy & Security option.

· Click on View Certificates button.

· Click on Import to import DSC certificate.

· Select the certificate from the installation directory of the digital signing service utility (e.g C:\Program Files (x86)\DSC Service\1.0.0)

· Select Trust the CA to identify website option and click on OK.

Now, your Mozilla Firefox is ready for digitally signature.

System Requirements for EPFO Digital Signature

In order to use digital signature for EPF (Employee Provident Fund) transactions, the following system requirements must be met:

Operating System: Windows 7, 8, 8.1, 10 (32-bit or 64-bit) or Linux (Ubuntu 14.04, 16.04, 18.04)

Java Version	Java SE 15.0.1
Mozilla Firefox	Version 48
EPFO_DSC_Signer_1.0.0.exe	Click Here
EPFO_DSC_Sign_pdf	Click Here

Note: If you are still facing any problems, then you can mail us, and I will do it for free.

Step 1. If you already have updated Java and Mozilla installed then that software has to be uninstalled first.

Step 2. After that you install this software by clicking on my given link

Step 3. If you are a Mozilla Firefox user then you need to install version Firefox 48.

Step 4. If you use other versions, then they don’t support Java and you will get the following errors.

Step 5. You will get the download in Mozilla zip file which you have to unzip.

Step 6. As soon as it is unzipped, then you will find a folder named bin in it, in which you will get the setup of Firefox, which you have to run.

Step 7. You need to install Java before opening the setup.

Step 8. You can download both the applications from the link given by me.

Step 9. Digital Signature Certificate: Class 2 or Class 3 digital signature certificate issued by a licensed Certifying Authority (CA)

Step 10. Hardware Token: USB token or Smart Card Reader for storing and accessing the digital signature certificate.

Step 11. Internet Connection: High-speed internet connection with at least 512 Kbps bandwidth

Now after restarting the system at last, you can upload the digital signature on any other government website.

Note: It is important to ensure that the system requirements are met before using digital signature for EPF transactions to avoid any technical issues or errors.