Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

To: AFreeBird
So in other words: You run your XP and W2K systems as Administrator or a user with Administrator rights. Either way, that is not considered "best practice" from a security point of view. Any malicious code that you could encounter on-line will have full access to your system.

You know, I thought about what you wrote here, and decided to make some changes. I added a user account that had full administrative rights. I then changed my user account to "restricted". Guess what. I could no longer print to my printer when logged in on my account. The printer works fine though in the new administrator account I opened.

I thought I'd change my personal account to "standard" instead of "restricted". Can't do that. There is no option for a Group name named "standard". "Administrator" and "Restricted" are the only two groups to which I can add new users.

So, I'm back to square one. I system restored to where I was before making the changes. If you have any suggestions on how to get around such issues I'd really appreciate hearing them (I've been all over the place online but searches don't address this specific matter...that I can find). But you really came across with some criticism ("If it is too inconvenient for you..." or "...and don't care about the info it contains getting into the wrong hands"...). And here I try to take your opinion constructively and it gets me nowhere; well, worse than nowhere.

I'd say thanks, but I'm not sure for what. But I will say, be careful of what you recommend so blithely. You can potentially wreak havoc without intending to. Fortunately, I didn't let it get away from me.

135 posted on 07/24/2008 2:16:39 PM PDT by bcsco (To heck with a third party. We need a second one....)


To: bcsco
Um, the Administrator account (or I guess in XP it's called the "owner") is for administering the system and other accounts. Resources on a system typically have an ACL or access control list associated with them. "Rights" is a more simplistic term.

Since you changed the rights of the owner account (the one you created when the system was new), then the rights enjoyed by said account no longer apply since the resources (like printers) were set up with your account in mind. You essentially locked yourself out.

Now, since you changed your "owner" account back, everything works fine.

Administering a system is not trivial (I started in 1985 with NetWare), and I did not mean to imply that it was, nor was I going to be able to explain it to you in the confines of the thread.

I'm sorry for your temporary troubles but you did very well in creating a user with admin rights. You created a "back door"!

The basic premise of my threads was to get you to think about, and RESEARCH, for yourself, the ins and outs of a multi-user system and the security of said system. And whether or not multiple users use your particular system (individually or at the same time), or it's just you, it is still a multi-user system and the ACL still applies.

In XP and below (don't ask me about Vista) you have, via the control panel applet "Users & Groups", to create users AND groups. You can create any damn groups you want to and add any or all users to said group(s). And you can then tell the various resources on your system (files, directories, printers, etc.) that certain users and/or groups have the right to use, read, write, delete, modify, control... whatever said resource.

So take one of your newly created accounts, make it a restricted account, and then find your printer in control panel and right click on it and go into properties and look for "sharing". In there you will be able to select users and/or groups that can access said resource, and to what degree. You can also do that with your home directory or sub-directories therein. Windows, Documents and Settings (if memory serves). In Linux it's /home; NetWare \USERS.

So find your current account directory and right click on a directory or "Folder" and go to properties and find "sharing". Give the restricted account rights to said directory (or file or whatever), then log in as that account and access the resource you gave it permission to access.

See what happens. Play around with it. I would also suggest looking into either online or at Borders, a book or tutorial on basic Windows system administration for a multi-user system.

The lessons/concepts you learn there will carry over to just about any and all systems you are likely to encounter. The specifics of how it's done may differ from system to system, but the concepts are pretty much universal.

And they're "Best Practices"!

So great job on thinking about it, trying it, and then reporting back on how it didn't work. You're now way further along than the vast majority of Windows users.

Once you've researched and played around with it more, you will come to understand why us old SysAdmins get our knickers in a twist over this issue with the uninitiated.

136 posted on 07/24/2008 3:06:14 PM PDT by AFreeBird
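
The group-and-ACL approach described in the post above, as an added example that is not part of any poster's message: it creates a non-administrator account, grants a group rights on one folder, and reads the result back. It assumes a current Windows with Windows PowerShell 5.1 or later (the LocalAccounts cmdlets do not exist on the XP and W2K systems in the thread), an elevated session, and English built-in group names; `DailyUser`, `DocsUsers` and `C:\Shared\Docs` are hypothetical names, and printer permissions are not covered.

```powershell
# Added example. Run from an elevated PowerShell 5.1+ session.
# 'DailyUser', 'DocsUsers' and C:\Shared\Docs are hypothetical names.
$user   = 'DailyUser'
$group  = 'DocsUsers'
$folder = 'C:\Shared\Docs'

# 1. Create a day-to-day account that is NOT in Administrators.
#    New-LocalUser adds the account to no group, so add it to Users explicitly.
$password = Read-Host "Password for $user" -AsSecureString
New-LocalUser -Name $user -Password $password -Description 'Day-to-day account' | Out-Null
Add-LocalGroupMember -Group 'Users' -Member $user

# 2. Create a group and put the account in it; rights go to the group, not the user.
New-LocalGroup -Name $group -Description 'May modify the shared documents folder' | Out-Null
Add-LocalGroupMember -Group $group -Member $user

# 3. Add one ACL entry: the group gets Modify on the folder and everything below it.
New-Item -ItemType Directory -Path $folder -Force | Out-Null
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "$env:COMPUTERNAME\$group", 'Modify',
    'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl = Get-Acl -Path $folder
$acl.AddAccessRule($rule)
Set-Acl -Path $folder -AclObject $acl

# 4. Read the ACL back to confirm the entry that was actually written.
(Get-Acl -Path $folder).Access |
    Where-Object { $_.IdentityReference -like "*\$group" } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType, IsInherited

# 5. Confirm the new account did not end up with administrative rights.
$admins = Get-LocalGroupMember -Group 'Administrators' |
    Select-Object -ExpandProperty Name
if ($admins -contains "$env:COMPUTERNAME\$user") {
    Write-Warning "$user is a member of Administrators"
} else {
    "$user is not a member of Administrators"
}
```

Granting to a group keeps the ACL unchanged when accounts come and go: a second limited account only needs to be added to `DocsUsers`.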

To: bcsco

Welcome to reality. Security is a pain in the butt. Yes if you run under a user with non-administrative privileges you have to spend some time tweaking the permissions so you can do stuff like access printers (that’s what you need to do with your restricted account, give it permission on the printer, probably in the printer properties or printer share). And you have to do things like login as a different account to run installs. Of course on the other side of it you don’t have permission to accidentally install viruses, and you probably don’t have permissions for trap websites to plant spyware.

Security in computers is just like security in the real world. Annoying but necessary. If you lock a door you can’t get back through without a key. If you lock the registry you can’t get in without the right account. If you’re going to run wide open (logged in as admin) you need to be careful, and lucky.


137 posted on 07/24/2008 3:12:35 PM PDT by boogerbear



FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson