Answered

Explore Westonci.ca, the top Q&A platform where your questions are answered by professionals and enthusiasts alike. Get quick and reliable solutions to your questions from a community of experienced experts on our platform. Our platform provides a seamless experience for finding reliable answers from a network of experienced professionals.

Buddys machine shop has a kiosk computer located in the lobby for customers to use. The kiosk computer has recently been updated to Windows 10 from Windows 7 and is not part of a domain. The local computer policy created for Windows 7 has been applied to Windows 10. This policy severely restricts the use of the computer, so that customers can only use the web browser.
Occasionally, an administrator needs to sign in to the kiosk computer to perform maintenance and update software. However, this is awkward because the administrator needs to disable settings in local policy be performing any task. Then, when the tasks are complete, the administrator needs to re-enable the settings in the local policy. Explain how this system can be improved upon.

Sagot :

Talanat
If your PC's are in an Active Directory domain, you can leverage Active Directory Group Policies to deploy the appropriate settings. Be sure to include the below settings in your Group Policy for the user accounts and workstations that will be running as a Kiosk. After creating this Group Policy, you can test by running gpupdate /force and then restarting the PC.

User Configuration
Administrative Templates
Start Menu and Taskbar
Change Start Menu power button (enabled) - set to "Lock" (I know this sounds weird, but Windows 7 won't completely disable Logoff if the Start Menu power button is defaulting to the Logoff action).
Remove Logoff on the Start Menu (enabled)
Remove and prevent access to the Shut Down, Restart, Sleep and Hibernate commands (enabled)
System
Ctrl+Alt+Del Options
Remove Lock Computer (enabled)
Remove Logoff (enabled)
Computer Configuration
Administrative Templates
System
Logon
Hide entry points for Fast User Switching (enabled)
For Windows PCs not in a Domain Environment

If your PC's are not in an Active Directory domain, then you'll need to make the below changes manually at each Kiosk PC. Note that you may be able to automate the changes via the use of operating system imaging tools and local mandatory user profiles - leave a comment below if you have interest in those steps.

Login at each Kiosk PC using a user account that will ultimately be used to run the Kiosk desktop applications.
Launch the Windows Registry Editor (REGEDIT.EXE) and make the following changes to the registry (note that you may need to temporarily grant local Administrative access to your Kiosk user account to do this if it is already in a very locked down state)
HKEY_CURRENT_USER
SOFTWARE
Microsoft
Windows
CurrentVersion
Policies
Explorer
Thank you for visiting our platform. We hope you found the answers you were looking for. Come back anytime you need more information. We appreciate your visit. Our platform is always here to offer accurate and reliable answers. Return anytime. We're glad you visited Westonci.ca. Return anytime for updated answers from our knowledgeable team.