Need to create local Windows self-help account (kiosk)

djoye

djoye

2[H]4U
Joined
Aug 31, 2004
Messages
3,116
I need to create a Windows account (can be local (preferred) or domain) that just launches a web browser so that users can access self-help. I've seen Windows machines where a domain user could login but there was also a self-help account that just launched a web browser, I assume it's called a 'kiosk account', but I don't find any obvious instructions when searching those terms. I see some Windows 10 instructions, so I'll try those, but I'm going to need this for Windows 7 as well. I'll start figuring this out on my own once I get back to work, but I'm fishing for some answers here since Google didn't turn up anything.

From my current research, it's looking like I'll need additional software to accomplish what I want, I see GPOs mentioned, so could I possibly make a domain account that is heavily restricted for this purpose? I'd rather not create a domain account and I'd rather not buy any additional software, but I don't know what my limitations are just yet. I really don't see why I can't create a local user, hide the Windows UI/shell, then just launch Internet Explorer on login; could probably create a PowerShell script to launch IE, wait, then run a logoff command when the IE process closes.

Any input is appreciated, just brainstorming ahead of time.
 
MInd as well use the guest account

windows explorer startup, really don't feel like doing the whole thing, just got off work.

win 10 powershell code -------------

$Target = "iexplore.exe" while ($Process.Count -lt 1){ Start-Process $Target -ArgumentList "-k" -Wait Start-Sleep -Seconds 3 $Process = Get-Process | Where-Object { $_.ProcessName -eq $Target } }

END ----------------------------------
 
Last edited:
  • Like
Reactions: djoye
like this
You're a brave man if you're going to leave Windows workstations accessible to public. You better isolate that network well :D
 
B00nie said:
You're a brave man if you're going to leave Windows workstations accessible to public. You better isolate that network well :D
Click to expand...
These are workstations onside of our office, not actual public kiosks out in some place like a mall or airport. I've seen these accounts used in other large businesses, basically, users have the ability to log into an unsecured Windows user account on the computer so that they can submit a trouble ticket. This account launches a single application (not the usual Windows interface) so that the user can complete a form and that's it.
 
djoye said:
These are workstations onside of our office, not actual public kiosks out in some place like a mall or airport. I've seen these accounts used in other large businesses, basically, users have the ability to log into an unsecured Windows user account on the computer so that they can submit a trouble ticket. This account launches a single application (not the usual Windows interface) so that the user can complete a form and that's it.
Click to expand...

Funny that you should pay Microsoft for doing such a trivial task on a computer. But I digress.
 
B00nie said:
Funny that you should pay Microsoft for doing such a trivial task on a computer. But I digress.
Click to expand...
These computers are in an office and used daily by the users at their desks. The users have an Active Directory domain user account that they use to log into their Windows computer. Sometimes the users forget their password or lock their account after too many bad password attempts and are then unable to login to Windows. The point of the local kiosk account is to allow the user to switch to the kiosk account to launch a self-help tool to recover their domain user account, log out of the kiosk account, then back into their Windows domain user account. Just like recovering login information to a website, except at the Windows login screen.
 
You must log in or register to reply here.
Back
Top