Need a BLANK Start Menu for Windows 11 Edu. 24H2

Hoyt_1911A1 · 2024-12-12T18:40:38.972Z

Howdy all,

First time posting here so I hope I don’t cause too much trouble.

I work for a small school system with VERY limited I.T. staff and knowledge. The powers that be will not hire qualified personnel so guys like me have to try to use duct tape and bailing wire to keep things working. The one guy that sort of knew a lot of what I am trying to do was “retired”. I am a low level technician that has been asked to look into rolling out Windows 11 (I have built our images for a few years now).

With that out of the way I’ll describe what I have been tasked to do. We have very limited Windows usage here (most everything is Chrome OS now) but have a few select areas where Windows will remain. Currently on our Windows 10 Education workstations we have Desktop, Documents, and Downloads redirected to our file servers and BLANK start menus (XML file redirection). Nothing on them except for the power button and user icon for shutting down and logging off. We only want users launching applications that we have placed shortcuts to on these read only redirected Desktops. I have been instructed to keep this scenario with Windows 11 Education. We do not use Intune or any type of cloud management, just Group Policy from the AD servers. I’m not against creating a custom list of pinned apps but that is a luxury for another day.

I have been able to clean off the “Recommended” and “All Apps” (Start Menu) sections with Group Policy. It seems that it is impossible to remove the “Pinned” section using GP. I have looked into several of the hacks on this site and others but it appears that they have been broken with 24H2. Has anyone found a way to accomplish what I am looking for? I thought about just blocking some of the pins with GP but 24H2 just seems to ignore those settings. For example we have had Microsoft Store blocked with GP since we went to Windows 10 but when I log in as a student or teacher on Win 11 24H2 it is there plain as day and I can open it up and start browsing around.

Thanks in advance for your time and patience.

it-monkey-mike · 2024-12-12T19:39:47.482Z

If your endpoints are running the Education version of Windows 11 you should still be able to blank your start menu & remove the windows store app via GP (Windows Pro will ignore many settings).

Windows Store App = Computer Configuration → Policies → Administrative Templates → Windows Components → Store → Turn off the store application = enabled

Blank the start menu (remove pinned apps): I don’t remember exactly which setting it was (I turned it on accidentally when I was creating my lockdown GPO for Windows 11 and then turned it off), but I believe it is within User Configuration → Policies → Administrative Templates → Start Menu and Taskbar → look for prevent pinning or do not allow pinning. That clears the pins from the taskbar at least.

charlesv · 2024-12-12T19:48:12.612Z

I’ve been meaning to learn the new way to customize the default profile in Windows 11, but I’ve only gotten as far as bookmarking this page: Customize The Start Layout For Managed Windows Devices | Microsoft Learn
You may want to do this on your base image/s. I was in a similar position when Windows 10 rolled out, managing a couple student labs and the faculty machines so we had a couple different images and customizing the default profiles was a huge time saver.

randomparts · 2024-12-12T19:56:45.424Z

I’ve used this with Windows 10 to customize the start menu and taskbar so anyone who logged on, got the same stuff. I don’t know if it’ll work for Windows 11. I haven’t tried it yet.
Start Menu layout customization

For Windows 10 as of 20H2

This will allow you to add or remove shortcuts to everyone’s start menu but still give them the freedom to pin items to the start menu they want. You can also use this to customize the taskbar pins, while still giving users freedom to pin or unpin items.

On a reference computer, setup the start menu and taskbar how you want them to visually look

Run the command in CMD: Export-StartLayout –path C:*filepath*\LayoutModification.xml

The export path can be whatever works best for you but keep the xml file name the same

You can then copy the xml file to the following location

C:\Users\Default\AppData\Local\Microsoft\Windows\Shell

This will mean every user who logs onto the computer will get the same start menu and taskbar layout but also be able to modify it later if they so choose. Users will not get the default Office and Mail apps pinned to their start menu.

Hoyt_1911A1 · 2024-12-12T21:01:34.834Z

IT Monkey Mike:

Windows Store App = Computer Configuration → Policies → Administrative Templates → Windows Components → Store → Turn off the store application = enabled

Thanks for the prompt reply Mike.

This setting: Windows Store App = Computer Configuration → Policies → Administrative Templates → Windows Components → Store → Turn off the store application = enabled

Does disable a lot of the store features but under Windows 11 24H2 the pin is still there at the top of the Start Menu and allows opening of the store. We have had the store disabled in our GPO for some time but Windows 11 thinks it knows better.

The policy you listed for removing pins does have an entry for removing pins from the Taskbar which does work properly but there isn’t one for removing the pins at the top of the Start Menu. That’s the floater in the punch bowl for us right now.

Hoyt_1911A1 · 2024-12-12T21:04:45.179Z

Thanks for the link Charles.

I turns out I had looked through that info but it requires the use of Microsoft’s Intune cloud based management service which we do not have access to. I am hoping to find a way to remove the pinned section from the start menu either on the local master image or through Group Policy, which Microsoft officially states cannot be done:

Important

The JSON file can be applied to devices using the Start policy CSP only. It’s not possible to apply the JSON file using group policy.*

I am hoping against hope to find a way to do this locally in a manner that Microsoft won’t “fix” on the next service release.

Hoyt_1911A1 · 2024-12-12T21:06:27.922Z

Yeah we are doing this now with Windows 10 but unfortunately it does not work with Windows 11.

CharlesHTN · 2024-12-12T21:23:34.474Z

You specifically mention W11 24H2 a few times. Is this specific to 24H2, or were these problems present with earlier versions of W11 for you as well?

I am applying this via GPO to the W11 COMPUTERS OUs where I wish to control what is pinned (note, I am not on 24H2 yet, so if the problem is specific to that, this may not work). My list has a lot of pinned items, but you should be able to pare it down, possibly even removing all of items, leaving just {“pinned List”:[ ]} or something similar.

Any reason not to pin the small number of approved applications on the Start Menu? Personally, I would prefer seeing them pinned to start than on the desktop.

image952×796 40.3 KB

FWIW, here’s a paste of the entire contents of “Value data”:
{“pinnedList”:[{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\MS Office\Outlook.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\MS Office\Word.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\MS Office\Excel.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\MS Office\PowerPoint.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk”},{“packagedAppId”:“Microsoft.Paint_8wekyb3d8bbwe!App”},{“packagedAppId”:“Microsoft.WindowsNotepad_8wekyb3d8bbwe!App”},{“desktopAppLink”:“%APPDATA%\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk”},{“desktopAppLink”:“%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\MS Office\OneDrive for Business.lnk”},{“packagedAppId”:“Microsoft.ScreenSketch_8wekyb3d8bbwe!App”},{“packagedAppId”:“windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel”},{“packagedAppId”:“Microsoft.WindowsCalculator_8wekyb3d8bbwe!App”},{“packagedAppId”:“Microsoft.WindowsTerminal_8wekyb3d8bbwe!App”}]}

Hoyt_1911A1 · 2024-12-12T21:37:20.213Z

Very interesting Charles. We haven’t moved to Windows 11 at all yet so I don’t have any reference point. I’m not a Group Policy guru so I’m having trouble following your GUI chart for the policy you have set. I apologize for not being able to follow.

Are the registry entries you have listed able to be applied to each user that logs in? If so I think you might have just the thing for us. We are not against pinning items to the Start Menu, but we mainly want the pinned apps that are there GONE. We have redirected Desktops for all our users so that is why I’m not too concerned with customizing the Start Menu. That being said if customizing it with your method removes all the junk Microsoft puts there I’m all for it.

Would you have a minute to list the policy in the Computer GPO that applies the reg key? I imagine you have the key stored on a server share somewhere?

Thanks again for your help I suspect you might have the answer I am looking for if I can wrap my head around it.

Edit: After I reread your post I looked into the registry and the device container is empty. Are you creating the entry called ConfigureStartPins from scratch?

CharlesHTN · 2024-12-13T03:50:16.538Z

Everything shown there is applied via Group Policy (and I highly recommend doing it that way for consistency).

I believe you may not be seeing all those settings because you may need to apply the Windows 11 Admin Templates to your domain. Those can be downloaded here:

https://www.microsoft.com/en-us/download/details.aspx?id=106254

I’ve only applied admin templates a few times and it’s been a while, so I’d suggest finding a YouTube video that explains how to do that (or maybe you’ll find a spiceworks post on that part).

Once applied, the W11 specific GPO settings should show up in Group Policy for you.

I would recommend you create a W11 Organizational Unit in Active Directory and move any W11 test systems into it. Once you create a GPO, you’ll apply it only to this OU (to prevent it from being applied to any production systems).

Remember, GPO settings either apply to COMPUTERS or to USERS. The GPO I included a screenshot of applies to computers, not users (this is a common point of confusion for folks new to Group Policy).

I know that doesn’t answer all your questions but it hopefully points you in the right direction. I’m still early in our W11 rollout and this was one of the first pain points I tried to work on. The W11 start menu by default is quite unruly.

it-monkey-mike · 2024-12-13T12:59:03.088Z

Yeah, I suspect 24H2 broke a lot of stuff.
We’re running 23H2 right now because I noticed 24H2 Ignored many of our GPO settings and we’ll be using Intune “soon.”

Hoyt_1911A1 · 2024-12-13T14:50:52.294Z

Thanks for the follow up Charles,

I should have mentioned we have already done all of the steps you have mentioned as far as I know, but I may be mistaken. I believe my supervisor updated the ADMX files on our AD server over the summer.

I would like to try the registry settings you listed on a local machine first to see if they still work under 24H2. Would you have time to paste the contents of your .reg file so I could tinker with it? I believe I may not have entered the settings you listed correctly. I tried recreating those registry entries manually on my test machine but nothing on the Start Menu changed. If I verify that those registry entries don’t work when entered locally I’ll know not to pursue it in the AD GPO.

Thanks again for everyone’s help.

CharlesHTN · 2024-12-13T17:51:06.574Z

There was no REG file, only a JSON file and a Group Policy Object. You might be able to manually create “ConfigureStartPins” as a under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Start
and paste in the Value data I pasted before. I’m not sure (but I believe that would only work on 22H2 based on what I mention below).

Basically I followed a process to build a “template” start menu on a Windows 11 machine and export that to a JSON file. The “Value data” in my GPO above was the contents of that JSON file.

This worked beautifully, but now I am learning that it only worked on W11 22H2, which is what we were running.

This website details basically how I did it (not my site, but it gives instructions that mirror what I did). It then at the bottom gives a new procedure that works on W11 23H2. It is unclear as to whether 24H2 broke this new procedure or whether it still works. Gotta love Microsoft constantly changing the rules (to try to get people to buy software to manage what they used to manage for free). I would recommend looking at the portion of this site under “2024 Update” and give that a try on a test machine.

Quake.blog - a blog about Quake mapping

Configure Windows 11 Start menu using only Group Policy

If you maintain a fleet of corporate Windows PC's like myself, you may have had to configure the Windows 10 Start menu so it looks the same for everyone by default and has corporate apps pinned as tiles. This consisted of generating an .xml file from...

Hoyt_1911A1 · 2024-12-13T20:12:14.641Z

Thanks again for your help Charles.

Unfortunately copying the start2.bin file no longer seems to work under 24H2. I had heard that it didn’t and tried it on my test machine and sure enough nothing changed on the start menu.

On a side note I dig your site. I played Quake a lot in the late nineties and have played the Unreal Tournament games a lot too. I was VERY impressed with the work ut99.org did on the original Unreal Tournament. Looks a lot like what you have listed for 2004. They even set up online servers for multiplayer. I updated my old UT99 directory (I got that game from a coupon from a 3DFx video card) and hopped online for a few good games on Deck 16.