This KB assumes that you already have a working PolicyPak Start Screen (PPSSM) policy that works normally after logging out and back in after the PPSSM policy applies. The purpose of this KB is to provide a possible (and unsupported) workaround for PPSSM customers who use Non-Persistent VDIs and whose users are unable to logout and back in due to the nature of Non-Persistent VDIs who would still like to use PPSSM. The idea is that by killing the explorer.exe process and restarting it at first logon is that we can mimic the logout and log back in action so that the PPSSM policy will apply successfully.
Next set the apply action in the policy to run the following BATCH commands.
Your settings should look similar to the screenshot below:
For the Revert action screen, click Next and do not set a revert action as Triggers do not support Revert actions.
For the Trigger type setting choose “Logon”
Optional: Set the Triger settings wait period for 1 minute after login if desired. Note, you can also uncheck this setting here and then programmatically in your BATCH script set a wait period for seconds if desired, (i.e., to wait 20 seconds before running the next command you could use “SLEEP 20”).
Lastly, save and apply the policy, then test from an endpoint, the result will be that Scripts and Triggers will look for the flag file at EVERY login… one minute after login (using the settings from above). Then, if the flag file is ABSENT… Kill explorer and write the flag file. Note: You will see a very brief flash on the end-user computer for new logins.
IMPORTANT: This policy should be set to apply after the PPSSM policy.