How do I solve this user AD access

[Vans]

we are employing one user who will have email and access to one folder on the network.

She will be able to browse this one folder but all other folders in the directory I want to deny her access to.

Within AD do I create another group with just her in? If so how do I force it so that she has access to no folders by default unless I specify otherwise.

Usually its access to all folders unless otherwise specified which is why I'm asking.

 

[walnuts]

If the other folders have "everyone" group then your going to have a hard time denying her access to other folders.

If she only requires access to one folder I would setup access straight to that folder using login script so she doesn't have to browse folders.