Following on from the dumpster fire that is Windows 10 start menu and taskbar configuration – The win 11 team have really stepped up and made this even worse… why? because “fuck you thats why” seems to be the best explanation.
Start menu and taskbar config is now 3 different configuration settings
Start menu
The start menu is now a json file stored under “%LocalAppdata%\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState” – and appears to be encrypted to a level well past my understanding – so it not manually editable… (after all, what enterprise admin would want to control their users start menu right?!?!)
Turns out the Windows 11 start menu stores its persistent state in an AES CBC PKCS7 encrypted JSON whose crypto input parameters feature a salt that utilizes Mersenne Twister PRNG.
Initially thought this may be an anti-tamper measure but the file can be swapped across installs.— Albacore ☁️ (@thebookisclosed) October 10, 2021
in order to customise this for the default user in a TS, we can
- Customise the start menu as we want it to look
- copy out “%LocalAppdata%\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\start.bin” to our SCCM package source
- The use a command such as the following in our TS
- xcopy “start.bin” “C:\Users\Default\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\” /y
Start Menu folders area
Since this isnt complex enough – another section has been added to the start menu – called “start folders”
In order to keep things consistent, this is configured at a machine level via the registry keys at HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start\AllowPinnedFolderDocuments, AllowPinnedFolderDownloads etc
Here is a site which already has the reg entries you need listed – https://www.tenforums.com/tutorials/2192-add-remove-folders-start-list-windows-10-a-5.html
At least these settings are easy to manage – and there are even CSP’s for them – https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-start
TaskBar
The Win 11 taskbar is managed in the same way the Win 10 taskbar is, via an xml
https://docs.microsoft.com/en-us/windows/configuration/customize-taskbar-windows-11
its the same old xml file we used in win 10 – but the “start” section is ignored – and the taskbar section is still used.
the article talks about using group policy or Intune to deploy it – but if we only want it set as the default – and allow users to change it, use the same old way that we did with windows 10 task sequence
Powershell.exe Import-StartLayout -LayoutPath Taskbar.xml -MountPath C:\