I have a small non-profit office that until recently was all P-T-P. Have purchased a new server running W2K-Server and am hosting the main application from that server. There are about 10 users with a mixed bag of W2k and (mostly) W98 on their desktops. Currently they have user id's & passwords that add the network drives etc. but my problem is folks accessing the desktop by sneaking into offices & hitting ESC to bypass the logon process. I need to restrict this. What's my best approach.