I am looking for the easiest solution to this problem. I have an NT domain running currently. I need the easiest way to create a profile (either on the domain or locally) that will totally lock out the computers usage except for one icon which is to remain on the desktop. Basically, once the user logs into the PC (using a predefined user login), the only thing that should appear on the desktop is one icon from a third party software company. The start button can be visible as they will need to use it to log out, but I do not want to see any of the programs listed (i.e. no "run", "Help", etc.). Also, the pc is currently internet enabled and needs to remain this way to support the third party software, so I need to make sure they cant even launch the browser. This is not a major problem since I am just waiting for the network security people to configure a profile, but I am inpatient and hate to wait, so I would like to do it myself. Any help that can be provided would be appreciated.