OK, so you have been poking around Group Policies and want to hide drive letters for certain users but have found the choices available to you are too limited. Well my friend you have come to the right place.
You CAN use the GPO. You simply need to either write your own ADM file or edit the standard system.adm.
How It Works
Picture a line of the alphabet starting with Z and ending with A ZYXWVUTSRQPONMLKJIHGFEDCBA
Each drive letter is assigned a number based on binary location. A=1, B=2, C=4, D=8 etc.
To block any drive letter you need to tell the GPO the value for that drives letter. To block multiple drives, add the values of those drives together.
Examples: Block A & D = 9 Block A & C & D = 13
You can use the following chart to figure out the values you need.
A 1 B 2 C 4 D 8 E 16 F 32 G 64 H 128 I 256 J 512 K 1024 L 2048 M 4096 N 8192 O 16384 P 32768 Q 65536 R 131072 S 262144 T 524288 U 1048576 V 2097152 W 4194304 X 8388608 Y 16777216 Z 33554432 ALL 67108863
The Administrative Template
Here is an example ADM file that you can edit. ADM files are just text files, use notepad to modify them to ensure you don't get any formatting or control codes that you would with a more robust word processor.
Add entries to both the itemlist and the strings section. Save the file as HideDrives.adm and place in your server's Windows\Inf folder. Then in your GPO right click Administrative Templates. Select Add Template and select your HideDrives.ADM file.
PART !!HideDrivesDropdown DROPDOWNLIST NOSORT REQUIRED VALUENAME "NoDrives" ITEMLIST NAME !!ABOnly VALUE NUMERIC 3 NAME !!COnly VALUE NUMERIC 4 NAME !!DOnly VALUE NUMERIC 8 NAME !!ABConly VALUE NUMERIC 7 NAME !!ABCDOnly VALUE NUMERIC 15 NAME !!HideACE VALUE NUMERIC 21 NAME !!HideCE VALUE NUMERIC 20 NAME !!HideCDE VALUE NUMERIC 28 NAME !!HideACEF VALUE NUMERIC 53 NAME !!HideCEF VALUE NUMERIC 52 NAME !!ALLDrives VALUE NUMERIC 67108863 DEFAULT NAME !!RestNoDrives VALUE NUMERIC 0 END ITEMLIST END PART END POLICY
[strings] Blank=" " ABCDOnly="Restrict A, B, C and D drives only" ABConly="Restrict A, B and C drives only" ABOnly="Restrict A and B drives only" ALLDrives="Restrict all drives" COnly="Restrict C drive only" DOnly="Restrict D drive only" HideACEF="Restrict A,C,E and F drives only" HideCDE="Restrict C, D and E drives only" HideACE="Restrict A, C and E drives only" HideCE="Restrict C and E drives only" HideCEF="Restrict C, E and F drives only" HideDrives="Hide Drives" HideDrivesDropdown="Hide Drives Selection" MoveProfile="Move Profiles" MoveProfileDropdown="Move User Profile Location" MOVEPROFILETOD="Move Profile to D Drive" RestNoDrives="Restore Drives"