I wrote this to help a colleague at another school who had students saving games to the C drive of PCs.
PROBLEM: When using Group Policies with ZENworks and Windows XP you may find users are able to create folders and files in root of C:. This is due to the change in default security settings for drives on Windows XP from 2000.
You need to use the Security Template editor to create a template restricting rights to the C: drive and deploy it with your group policies. The same procedure can be used to create a Security Template for use with Active Directory.
I recommend going into Advanced and removing the two entries for Users allowing them to Create Folders and Create Files. This will prevent students and users creating files on C: drive.
You can create similar entries for other folders such as program files, etc. You can also allow students access to folders if required by certain programs or groups. Remember under Novell, because computers are not part of domain you cannot use items you have added such as groups or individual users.
Multiple Security Templates can be created for different machines.
We allow staff to create files on C: (mainly to keep personal photos and music off network) so we have separate Security Template for Staff and Student PCs.