This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 2%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Hey
I've made a separate user account on my laptop. How do i block access from the new account to all the content on my hard drive?
I have Windows 10 Home.
Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 32%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
It is not possible to block a user account from accessing the hard drive as you cannot have a local profile without one.
You can limit what the user has access to but, again, they need at least read access to the Windows directory where the OS files reside. For most everything else you can remove the read access in the file system. However I suspect you'll need to still give them read access to at least the shared files sitting in the Program Files and Program FIles (x86) folders. Additionally there are going to be other locations they'll need read access to. Personally, if they are just a standard user then Windows should already be reasonably locked down for them. They won't be able to read or modify any data beyond their own and shared data.
To allow a user to only use the web browser then you'll want to use Group Policy Editor to whitelist the allowed program(s) the user can run. In this case just the browser(s) you specify.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
Yes, we can do this through the group policy: Prevent access to drives from My Computer.
1, Create the group policy object through MMC.MSC.
2, Apply this GPO only to the new user
3, User Configuration > Administrative Templates > Windows Components > File Explorer
In the right side of the screen, scroll down to find a policy that is called:
Prevent access to drives from My Computer, select restrict all drives.
Refresh the group policy.
Since the drives was restricted for the user, before you configure the Group Policy, you shall complete all installations and settings in C drive or other drives.
Hi,
If this question has any update?
Welcome to share your current situation.
Please feel free to let us know if you need further assistance.
Best Regards,
Hi,
If there are any updates, welcome to share here!
Best Regards,