If you share your computer with others and you are the primary user, you might want to exercise some control over the tasks other users can perform when logged onto the computer. In a home office where the kids also use the computer, you’re sure to want to apply some restrictions to the actions the kids can take.
Restrictions are easy to achieve in a domain environment because you can apply them on a group or user basis through group policies applied at the domain or organizational unit (OU) level. It isn’t quite as easy without a domain, but it can be done. On a standalone computer in a workgroup, you can ensure different levels of restriction and protection through a handful of different methods, starting with user accounts and groups.
First and foremost, you need to make sure the other users are not using your account. It’s important that each user has a unique account to enable you to apply rights and permissions differently for them. Using unique accounts is also important if you want to audit logon, logoff, resource access, and so on. You can use groups to further segregate permissions and rights if you have many users who work on the same computer. Or create a shared account with the necessary permissions and rights for those users who require the same settings and restrictions.
You create user accounts and groups through the Users and Passwords object in the Control Panel. This object also gives ...