Win7 second-user (account) permissions trouble

#1
Hi,
I have this problem of which I couldnt figure the solution on my own.

I am using Win7 Home 64 and I have created second user account on it.

My goal is basically to restrict this account from any access besides Program Files Windows folder and his user profile (C:\Users\SecondUser\..)

I achieved most of it by denying "List folder contents" permission for that particular user on all drives.

Problem is that if I use this on a system (C:\) and second user logs in and wants to (for example) copy something on a desktop or work in Office, it doesnt work properply (C:\ being inaccessible), apparently because Windows/Office need to write temp files to a C:\ (root) all the time, even though you copy/rename/modify files within permission area only (user's profile dir).

What I need to know is how to restrict user/account from listing/reading C:\ (root including subfolders) but be able to write/delete this temporary folders/files so it will work as required.

Maybe there is some other way around it. I would like to know, anyway that works. Thank you.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.