I believe it would be hard to enforce this for someone that has physical
access to the system, but what you can do is to restrict what drives the
user will see in "my computer" by setting the option
user configuration->Administrative Templates->Windows Explorer->Prevent
Access to drives in My Computer and only allow users to see C: any any
mapped network drives. This is not a "hard enforcement" since users will
still be able to access content on other drives if the type in the path
through "start->Run", and the only way to prevent this is through NTFS,
which obviously is hard to control on a harddrive someone else has attached.
So if this is a security requirement, I would recommend that you physically
secure access to the workstation, and make sure that the PC is not allowed
to boot from floppy.
Good luck
Niclas Lindblom
