If you don’t want anyone to be able to change the desktop profile (except temporarily on their own logged workstation) – use mandatory profiles. Simply change your roaming profile “user.dat” to “user.man”. Do that on the server NOT the workstation. Then log each machine on once. You should see user.man in the local copy too. Make the User.man file NTFS read-only for users on the server. The same for the serverside START menu & desktop etc. Not 100% sure you can safely set the serverside profile folder read-only without impact to applications though.
You can of course administratively change the desktop by copying the revised desktop profile “user.dat” off a local machine to the server then changing it to “user.man”.
To make the desktop common to multiple users…well simply using the same username at logon will do the job. However if you want to track logons separately etc, you could also simply point all roaming profiles at the same profile directory on the server (no %username% variable – just //profileserver/profile/mandatory for every account) using a template account to create the actual accounts.
Deny My Documents? Well if you do the above with a common mandatory profile for all accounts (or single account) you could redirect the folders to a common server folder and then make it NTFS read only (with text file to say why) or deny all access. I am thinking there might be a GPO setting to remove My Documents as well.
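The server-side steps described above (rename the profile file to “.man”, then make it NTFS read-only for users), as an added PowerShell example that is not part of the original post. The share path is the post's example written in UNC backslash form, the file name is taken from the post, and the `BUILTIN\Users` group is an assumption; adjust all three to your environment.

```powershell
# Added example. Parameter defaults are assumptions: the share and file name
# follow the post, the users group is hypothetical for your domain.
param(
    [string]$ProfileDir = '\\profileserver\profile\mandatory',
    [string]$HiveName   = 'user.dat',
    [string]$UsersGroup = 'BUILTIN\Users'
)

$dat = Join-Path $ProfileDir $HiveName
$man = [System.IO.Path]::ChangeExtension($dat, '.man')

# Step 1: rename the server copy so the profile becomes mandatory.
if (Test-Path -LiteralPath $dat) {
    Rename-Item -LiteralPath $dat -NewName (Split-Path $man -Leaf)
}
if (-not (Test-Path -LiteralPath $man)) {
    throw "No $man found; nothing to lock down."
}

# Step 2: stop inheriting from the parent folder (keeping a copy of the
# current entries), so a later change to the share cannot re-grant write.
$acl = Get-Acl -LiteralPath $man
$acl.SetAccessRuleProtection($true, $true)
Set-Acl -LiteralPath $man -AclObject $acl

# Step 3: drop every entry for the users group, then grant read-only.
$acl = Get-Acl -LiteralPath $man
$acl.PurgeAccessRules((New-Object System.Security.Principal.NTAccount($UsersGroup)))
$readOnly = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $UsersGroup, 'ReadAndExecute', 'Allow')
$acl.AddAccessRule($readOnly)
Set-Acl -LiteralPath $man -AclObject $acl

# Step 4: list every identity that can still modify the file. Administrators
# and SYSTEM are expected here; any other group (for example Everyone or
# Authenticated Users) means ordinary users still have a write path.
$writeBits = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
(Get-Acl -LiteralPath $man).Access |
    Where-Object { $_.AccessControlType -eq 'Allow' -and ($_.FileSystemRights -band $writeBits) } |
    Select-Object IdentityReference, FileSystemRights
```

Run it from an administrative session on the profile server; the final listing is the check that matters, because purging one group does not remove write access granted through other groups.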