I'm using Active Dir. on Win 2003 Server. When I add a new user to the domain, the new user is automatically added to group Domain Users. I've discovered that any users in Domain Users have access to the C: drive on every domain PC. If the user is removed from Domain Users (after adding Domain Guest as the primary), he/she no longer can access the shared hard drives. It seems to me that Domain Users have rights similar to Administrators. Is this true? Can Domain Users rights be changed? Thanks!