per il primo quesito usa SRP Software Restriction Policies:
Software Restriction Policies (SRP)
What about the Software Restriction Policies (SRPs) available in Win2K3 Server and Windows XP? At first, SRPs appear to be identical to
Simplify Lockdown: they prevent applications from running if those applications are on a black or white list. By creating rules for users and computers, you can prevent unwanted applications from executing--even
viruses. So long as an application’s location does not change (for path rules) or its hash signature does not change (for hash rules), it will be prevented from launching from any part of Windows.
Although SRPs are an improvement over previous group policy versions, they still have their failings. Like the group policies before them, these policies apply only to either the
Terminal Servers themselves or the people logging on to them--you can’t restrict applications within a terminal session based on what terminal someone’s using to connect to the server. SRPs also
do not remove disallowed icons from
a user’s desktop, they will only display an error message if a user tries to run it, which will only confuse and frustrate the user.
ref: http://amnesia.tricerat.com/group_policy
per il secondo quesito definisci il path documents per ciascn utente nelle proprietà dell'account utente ed usa le acl per bloccare accessi ad altre cartelle
per il quesito sulla posta devi verificare se Thunderbird dispone di un tool di deployment.
ciao.
Edoardo Benussi
Microsoft MVP - Management Infrastructure
edo[at]mvps[dot]org
