I have a AD environment with desktop restrictions such as hide hard disks, desktop icons using AD GPO and it works fine. When a user logs into the Windows system he cannot access local folders.
I have a custom application which has the provision to export logs to local drive. From this application I can access all the local dirves. Also when I select browse option (within this application while exporting logs), I can open the folder as “Open in new Window” from here I can acces everything such as control panel etc.
Now I need to prevent this access from this custom application as well. How can I achieve this?