我的公司使用公共信息亭运营.这些信息亭运行的是 Windows 8，虽然它们是安全的，但它们肯定不如您在银行看到的信息亭 AKA ATMS 安全.运行 Windows 8 的原因是利用 Microsoft 最近推出的新 Kiosk 功能.但是，如果正在运行或打算运行的软件在 Windows 商店中作为应用程序可用，操作系统似乎只允许在此 KIOSK 模式下运行.

My company operates using public kiosks. These kiosks are running Windows 8 and though they are secure, they are certainly not as secure as the kiosks AKA ATMS you would see at a bank. The reason for running Windows 8 is to take advantage of the new Kiosk feature that Microsoft recently introduced. However, it seems that the OS only allows operation in this KIOSK mode if the software that is being run or intended to be run is available on the Windows Store as an application.

目前无法将所需的软件发布到 Windows 应用商店，但我仍想利用 Kiosk 功能.如何使用信息亭功能并仍然运行所需的应用程序?Kiosk 模式的官方 MS 术语是 Assigned Access.

The software required is not able to be put out to the Windows Store at this moment, but I'd still like to take advantage of the Kiosk feature. How can I use the kiosk feature and still run the desired application? The official MS term for the Kiosk mode is Assigned Access.

我们确实尝试通过授予最少权限的用户访问以及在启动时引导软件来尽可能锁定信息亭.另外，我们尽可能地进行BitLock.但是，启动软件仍然存在延迟，并且确实有人确定网上冲浪很有可能这样做.

We do try to lock down the kiosks as much as possible by giving least permission user access as well as booting the software on startup. In addition, we BitLock whenever possible. However, there is still a delay in booting the software and someone really determined the surf the web could very potentially do so.

我知道 Microsoft 已为 Windows 应用商店应用程序设置了分配访问规则，但我仍在寻找任何潜在的解决方法.即使是真正快速制作 Windows 应用商店应用程序的方法，也仅适用于我的使用.欢迎第三方软件.但是任何可以帮助我们的案例的建议都会受到赞赏.

I am aware that Microsoft had set the Assigned Access rule for a Windows Store app, but I am still looking for any potential workarounds. Even ways to make a Windows Store app really quickly, that is only available for my usage. Third party software is welcome. But any suggestions that can help our case is appreciated.

当然，在 Active Directory、GPEdit 和 Registry 中玩转会更接近我想要实现的目标.我面临的主要问题之一是 Windows 桌面和Metronic UI 将在应用程序加载之前加载，而在 Kiosk 模式下:参见此处 - 启动时间更快.

Surely playing around in Active Directory, GPEdit, and Registry will get closer to what I want to achieve. One of the main problems I am facing is that the Windows Desktop & Metronic UI will load before the application loads, whereas in Kiosk mode: see here - boot time is quicker.

用户利用这个启动时间来检查 &是时候使用攻击了.因此，即使有很好的定制，我仍然面临一个问题，即它永远不会像 MS 那样高效.最后，我会把它留给 MS 以获得最佳结果.

Users use this launch time for time to check & time to use attacks. So even with great customization, I'm left with the problem that it will never be as efficient as MS could make it. In the end, I'd leave that to MS for optimal results.

我敢肯定，很多人都在寻找这个答案，我们不胜感激.

Many people are searching for this answer, I'm sure, and any help is appreciated.

TLDR:如何在没有 Windows 应用商店应用但有软件的情况下使用 Windows 8.1 Kiosk 功能?

TLDR: How do you use the Windows 8.1 Kiosk feature without having a Windows Store App, but do have software?

推荐答案

如果您有 Windows 8 Pro 或 Enterprise，您可以使用组策略 (GP) 来实现.

If you have Windows 8 Pro or Enterprise, you can achieve that with Group Policies (GP).

创建具有所需权限的用户；作为管理员帐户，运行 Microsoft 管理控制台 (mmc.exe)；转到文件 > 添加/删除管理单元...选择组策略对象并按添加按浏览...按钮在用户"选项卡中，选择您刚刚创建的用户按完转到用户配置 > 管理模板 > 系统并编辑自定义用户界面设置将其更改为已启用并在接口文件名字段中输入您的应用程序路径(即C:Program FilesMy Kiosk AppApp.exe")

下次您使用此用户登录时，Windows 不会加载 Explorer.exe，而是加载您的应用程序.这样，您将无法轻松访问桌面.通过 GP，您可以调整您的系统以防止其他事情发生，例如阻止特定应用程序、删除功能等.

Next time you log in using this user, Windows won't load Explorer.exe, but your application instead. This way you won't have easy access to the desktop. Through GP you can tweak your system to prevent other stuff like blocking specific applications, removing features, etc.

您还可以通过注册表强制自动登录.更多信息可以在这里找到:http://deployhappiness.com/group-policy-kiosk-mode-锁定/

You can also force an auto logon through registry. Further information can be found here: http://deployhappiness.com/group-policy-kiosk-mode-locking-down/

希望对你有帮助.