Windows 11 Kiosk Mode login errors

Question

My apologies upfront for my level of frustration, we've been fighting this for too long. We have a client with 39 systems in full-screen kiosk mode using Microsoft Edge to display a website. The ones running Windows 11 Pro 24H2 have a recurring problem fighting off the unwanted bloatware Microsoft forces on these systems (honestly, I consider all of it malware since it's unwanted, installed without permission, modifies the system without permission, and causes disruptions in the use of the system). If it's not OneDrive, it's Teams. If it's not Teams, it's PhoneLink. We use PowerShell scripts in a GPO to remove the bloatware, but since kiosk mode runs using a local account the Domain GPO doesn't work. Startup scripts on the local system won't work either since apparently they can't remove Store software from accounts that aren't logged in, but of course kiosk mode logins can't run scripts either, for obvious reasons. We get this very unprofessional message after just about every Windows Update:

Last month it was "Mobile Devices" added to the startup options for the user (PhoneLink was previously disabled and removed using Get-AppxPackage -allusers Microsoft.YourPhone | Remove-AppxPackage). It's beyond ridiculous that Microsoft does this (NO, I'm not going to tell the customer to buy Windows Enterprise to run their Kiosks, I'll install Ubuntu and run it in kiosk mode before I'll ever consider that).

I've taken systems, wiped them, removed all partitions, and reinstalled a clean version of Windows 11 Pro 24H2 using the ISO on microsoft.com. I then setup kiosk mode without doing anything else to the system, letting Windows create the local account, and it will, 100% of the time, return with this error after the system is allowed to fully update. Take the system out of kiosk mode, log in as the kiosk user, remove all the bloatware, reboot, put the system back in kiosk mode using the same user, and the popup goes away, for a month, until Microsoft installs their monthly updates which apparently reinstalls or reenables their bloatware. Again, this happens regardless of the domain-joined state or whether I create the local account to use or if I let the OS create the user as part of setting up the kiosk.

Question: Has anyone found a way to reliably use Windows 11 Pro (any build) in full-screen kiosk mode without Microsoft attempting to load their bloatware even though Microsoft knows user has no rights to load it?

BTW, setting this does NOT stop PhoneExperienceHost.exe from trying to run: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "EnableMmx"=dword:00000000

It's important to note, this does NOT happen with fully updated Windows 10 Pro 22H2. There are about 25 Win10 Pro 22H2 systems that are going to Ubuntu next year and if I can't find a solution for Win11 Pro they're going too. All future PCs bought for their kiosks will come with Ubuntu or no OS on them rather than Windows if that's what it takes. I just can't believe that Microsoft has Kiosk mode but has no clue that their bloatware causes so many issues.

Thanks...

Answer 1

I'm really sorry to hear about the frustration you've been dealing with. It sounds incredibly challenging, especially given how persistent these issues are. I can understand why you're considering alternatives like Ubuntu.

Here are a few suggestions that might help:

1. Win11Debloat Script: There's a PowerShell script called Win11Debloat that can remove pre-installed apps and disable telemetry. It's designed to be easy to use and can handle a lot of the bloatware removal tasks for you. You can find it on GitHub.
2. Group Policy Preferences: While GPOs might not work directly on kiosk mode accounts, you could try using Group Policy Preferences to push scripts or commands to the local accounts. This might help automate the removal of bloatware after updates.
3. Task Scheduler: You could try setting up a task in Task Scheduler to run a PowerShell script that removes bloatware at startup. This might circumvent some of the limitations you're encountering with startup scripts.
4. Third-Party Tools: There are third-party tools like CCleaner that can help clean up unwanted software and improve system performance. These tools might offer additional features that could be useful in managing bloatware.
5. Windows 10 Compatibility: Since you mentioned that Windows 10 Pro 22H2 doesn't have these issues, it might be worth considering sticking with Windows 10 for your kiosk systems if possible.

I hope one of these suggestions helps! If you need more detailed guidance on any of these options, feel free to ask. I'm here to help.

Source 1 : Github Source 2 : Pcworld