We are using KES 11.0.1.90 with KSC 10 and the Device Control functions to disable optical disc drives. In the past some USB devices create a virtual CD-ROM device to serve installers and drivers and adding them to the trusted devices list has always allowed them full function. This also lets us allow specific people access to specific devices without issue.
One of our departments wants to use a few hardware encrypted flash drives, Kingston IronKey D300 specifically, to transfer some internal data. This device mounts a small virtual CD-ROM and a flash drive as two separate drive letters. The unlocking software is contained on this small virtual disc, and without running it, the drive is unusable.
Adding the device to the trusted devices list allows the virtual CD-ROM device to mount and even allows me to browse its files, but when I run the unlock software, the splash screen shows then the program silently closes.
Running this unlock program on a computer with optical drives unrestricted allows full normal operation, and allowing all optical drives on the initial computer also allows it to run without issue. While the virtual CD-ROM is trusted but not working, the autorun.ini file does not process properly, as the drive letter icon remains default. While functioning properly it shows a custom drive icon applied by the autorun.inf.
I can't see any other devices added outside of the virtual CD and base storage device, and I haven't been able to find anything in the system logs nor in the KSC Event logs being blocked when it fails. Am I missing something, or is this a compatibility issue with the KES device control driver?