Ok, I'm not sure if this is the right forum for this question, so if it's not I apologize in advance. I just installed W2K (whew!). I added a few user accounts and I made them part of either the guest group or the restricted user group(I wanted to test the diff)I did this for my sons because they are just getting too dangerous with computers and I want to protect my system. Anyway, I logged in under my son's account and I was able to delete system files. I had full administrative access!!! What am I doing wrong? Do I have to have a server to be able to limit user access???? Does this have to be set up somewhere other than on the local computer domain? Thanks Judy

You need to go to user-passwords and take his logon name off administrator rights and give him less access. Also keep in mind all guest accounts will vanish every 24 hours. So any settings you have made with a guest account will be lost in 24 hours from the time you created it. The guest account will have to be created again......and all settings on the previous guest account will not be available. Also set a password for Administrator that only you know.......otherwise he could logon as administrator and have full access. Keep in mind each user in will have there own programs that only they have access to.........and will not be able to access some programs you installed under your username. Essentially each user has his own copy of the registry.........some programs will be available to all users and some just to the user that installed the program. Do a search on Usernames and passwords on google and do some research......you can save yourself some headaches is you have a good idea how the security works. Plus you could lock yourself out of your own computer and have to reinstall everything. Keep in mind also if you create a set of the 4 setup disks..........the administrator password that is in use when you create them will be the one you will need to access the console or command line. Unless you download the bootdisks from www.bootdisk.com and use those........they need no password to access the command line. Windows 2000 is based on access rights....unlike Window 9x which doenst care. So you have to be careful how you setup user accounts and keep track of the passwords etc. If you son losses his username info......you can always logon as administrator and change his user name or password.

Hmmm If I go to the C: drive on my computer at work and I try to delete anything in it (ie. files, folders, etc) it says I do not have enough rights to perform that operation...or something to that affect. We do have a server at work and I am wondering if that is what its going to take because I cant seem to make the user rights that specific on my computer. I think I will get a book on this but right now, I don't have much hope.

Hmmm...... First of all...check if you have the win2k instalation on an ntfs partition. If you install it on a fat32 partition, the user permission will not work correctly (meaning I can still see and delete the file that I like). If it is on ntfs, then right click on the respected folders that you want to protect and click in the sharing option. From the user's list, remove any non relevant user that you do not want access to the folders. If it is not on ntfs, then I guess you'll have to change the file system from fat32 to ntfs.