Security Basics mailing list archives

RE: Preventing users from deleting all their files


From: "AndrewC" <andrew () whirlow plus com>
Date: Mon, 15 Nov 2004 19:14:00 -0000

First off, what environment are you operating in? I will assume it is
Windows 2000 server/2003 server and XP/2000 workstations?
Also, what files are being deleted? System Files or the Users'
work/personal files?
If you are on a domain, make them all power users (or less as
applicable) if they are not already. This will prevent core system file
tampering. You could create a GPO that prevents file deletion to the
level you want or in the areas you want - this is messy though as temp
files need to be deleted when documents being edited (e.g. in MS Word) are
closed.

ALL user files should be stored on a central server/s and again you
could use GP to ensure they can only save to the relevant server drives.
Also create login scripts (and logoff scripts if required) to map what
part of what drive/folders/files/programs can/can't be accessed and set
file permissions in AD also.

Personally, on our Network we use Novell file servers (in a 2k/2k03 AD
Forest), which offer a very tightly controlled environment for mapping
drives (Novell login scripts), folders, setting permissions on file
editing, file read, write, erase, create, File Scan, Modify etc. etc.

Alternatively you could create an image of the hard drive and re-install
if the workstation gets killed but this is NOT advisable in my book! And
would be VERY time consuming on even a modest amount of machines... not
to mention the dramatic lack of security/monitoring at the root of the
issue.

Hope this is of some use

Regards



Andrew Craig

A+, N+, MCSE, CCNA


