I am in a organization that has chosen to utilize the RemovableStorageDevices registry key to lock down access to removable media. What we have seen and a few other organizations have seen is that this breaks Windows 2008 Servers, and suspect that it breaks Vista machines as well if the following actions are performed as well. In my organization the problem is realized when a additional hard drive is added, in another organization I have spoken to the problem is realized when adding another SCSI controller. The exact key that is breaking the virtual machines is:
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE}
Information:
These keys do not exist unless manually created or set via local/group policy. When utilized and a hard drive is added and the VM is rebooted the system will never come back up, and will not boot up enough to get into safemode. The work around that we have found is to totally delete the keys and rapidly add the hard drive or SCSI controller. We have tested this on normal W2K8 image that has not had the DISA stigs applied and the problem is not realized. Due to this we believe that a secondary setting, which is mandated by the STIG, causes the VM's to totally go down.
Please provide advise!!!!