We are currently building a shared workstation that will be going out to the users. These machines are going to auto login. What we want is to lock down the desktop so that it can be seen but the users can not save anything to the desktop. Folder Redirection does not seem to be the best option. What we have done is created a policy that makes the desktop read only. What I am not seeing is what happens when this machine gets moved out of the restrictive OU and to a less restrictive
area. What will the security settings do when it gets moved? How can we get it to go back to default.
"You can't fix stupid!"