I've created a kiosk application installer that works perfectly fine when I run it locally, but I'm having trouble getting it to run remotely. The installer creates a local 'Kiosk' account with a random 20-character password (that has problem characters not in the valid character set). After that, it launches an executable as the local Kiosk account to create and load its user registry hive, and finally, it edits the Kiosk registry hive to apply a local group policy.
While everything works seamlessly on the target PC, I would prefer not to use Remote Desktop (RDP) for the installation and instead would like to push it silently. Although using Invoke-Command works for setting up the local Kiosk account, I face an access denied error when I try to load the Kiosk account via Invoke-Command. I've considered using a scheduled task but faced issues there as well. Any suggestions on how to overcome this?
2 Answers
It sounds like you're running into the double hop problem. You might want to explore .NET code for creating a user profile to get around this. Alternatively, using CIM and Win32_Process might be a good route to take since it allows you to create the process without requiring impersonation. I’d suggest going with the first method as it's usually simpler.
Have you considered loading the registry hive directly? You could try using this command to load it:
`reg load HKUkiosk C:Userskioskntuser.dat`
And don’t forget to unload it afterwards:
`$null = REG UNLOAD HKEY_Userskiosk`
Related Questions
How To: Running Codex CLI on Windows with Azure OpenAI
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically