
I'd like to set up a non-domain'd Windows Server 2016 to automatically start a specific graphical application as a specific user at boot such that it is always running -- even after a reboot -- and always accessible by anyone who RDP's into the server as that user.

This answer seems to be close to what I want and might do for our use case:

I just wanted to add a notice that this is still a suitable way to create a non-authenticated "kiosk machine", if you also add

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ForceAutoLogon"="1"

for logging the user automatically in right after logout. If your user is in the Domain Guests group, the profile will be automatically deleted on every logoff and a fresh profile created based on the default profile. You could also change the shell, for example, if you want to launch a web browser instead of the default explorer.exe. Then, closing the browser window will cause deletion of all cache and browsing history.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

https://serverfault.com/a/840559/968545

It sounds to me like that's suggesting this will allow us to set up the server such that it always logs in 1 particular user and starts the program defined by Shell in a kiosk mode. And while I do really like the idea of a kiosk mode in this case, the fact that this method would limit us to achieving the desired behavior with only 1 user makes it feel like it's not the right route. It seems to me that we would ideally be able to have any arbitrary number of programs launch via different users such that you could RDP into any of those user accounts and access their launched-at-boot programs.

I appreciate any direction! Most of my background is in Linux server management; my Windows experience is limited to basically some light usage during school.

  • `always accessible by anyone who RDP's into the server as that user.` So you want to start a console application, and have any account access that graphical UI when they log on? That will not work. This will only work with one session, but even then it would require elevated privileges to connect to that session. It sounds like you are attempting to use an application in a fundamentally different way than it was deliberately designed. – Greg Askew Oct 03 '22 at 14:00
  • Also, Windows will do most of this without those tools now. For example, if you use `shutdown /r /g`: "Full shutdown and restart the computer. After the system is rebooted, if Automatic Restart Sign-On is enabled, automatically sign in and lock last interactive user." It does this by saving the logged-on user's credentials the same way that SysInternals Autologon does, and Windows can also be optionally configured to restart all of the applications that were open. That was added to prevent people from having to log on to an endpoint and restart an app after security updates. – Greg Askew Oct 03 '22 at 14:57
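
A read-only check of the Winlogon values discussed in this thread, added here as an example and not part of the original question, quoted answer or comments. It reports what an autologon/kiosk configuration leaves in the registry. `AutoAdminLogon`, `DefaultUserName` and `DefaultPassword` are the standard Winlogon autologon values and are not named on this page; the function name and sample data are made up for the example.

```powershell
# Added example: audit the Winlogon key for autologon and shell overrides.
# Read-only; it never writes to the registry.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Test-WinlogonConfig {
    # Hypothetical helper: takes value name -> data pairs, returns findings.
    param([Parameter(Mandatory)][hashtable]$Values)

    $findings = @()
    if ("$($Values['AutoAdminLogon'])" -eq '1') {
        $findings += "AutoAdminLogon=1: console signs in as " +
                     "'$($Values['DefaultUserName'])' without a prompt"
    }
    if ("$($Values['ForceAutoLogon'])" -eq '1') {
        $findings += 'ForceAutoLogon=1: the account is signed back in after every logoff'
    }
    if ($Values['DefaultPassword']) {
        # Value data is deliberately not echoed.
        $findings += 'DefaultPassword present: password is stored in cleartext in this key'
    }
    $shell = "$($Values['Shell'])"
    if ($shell -and $shell -ne 'explorer.exe') {
        $findings += "Shell overridden: '$shell' is started at logon instead of explorer.exe"
    }
    $findings
}

# Constructed sample mirroring the kiosk setup quoted in the question.
$sample = @{
    AutoAdminLogon  = '1'
    ForceAutoLogon  = '1'
    DefaultUserName = 'kiosk'            # constructed account name
    DefaultPassword = 'example-only'     # constructed value
    Shell           = 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'
}
'--- constructed sample ---'
@(Test-WinlogonConfig -Values $sample)

# On a Windows host, run the same check against the live key.
if ($env:OS -eq 'Windows_NT') {
    $item = Get-Item -Path $WinlogonKey
    $live = @{}
    foreach ($name in $item.GetValueNames()) { $live[$name] = $item.GetValue($name) }
    '--- this machine ---'
    $result = @(Test-WinlogonConfig -Values $live)
    if ($result.Count) { $result } else { 'No autologon or shell override found' }
}
```

The Winlogon `Shell` value is machine-wide, so an override found here applies to every interactive logon on the server, including RDP sessions for other accounts.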

0 Answers