Hyena is designed primarily as an administrative utility, so there aren't any controls with Hyena to limit what a user can do. Permissions are handled by Windows, so if a person can cause problems through Hyena, there are many other methods they can use to do the same. With that in mind you want to make sure you limit what they can do in Windows (Active Directory) and you will be able to control what they can do in Hyena or anything else.

With that said, we do have a feature in Hyena to hide certain fuctionality. To see this go to File->Manage Object View->Nodes. You can disable objects on that dialog, to hide them from the left-hand window. The one limitation is they can go to that same location and enable those objects if they choose. Some options in that case would be to use the Shared Configuration options under Tools->Settings->General, then give those accounts read-only access to that location on a server.