Has anyone successfully got mandatory profiles working with Windows 10 (currently running Win10 Enterprise 1511).

Essentially, I have it 99% of the way there, but whilst the start bar is clickable (which it previously wasn't), it now shows a blank start menu - ignoring either the Mandatory Profile Start Menu, or the XML Start Menu imported via Group Policy.

My steps are based on having a dedicated "mandatory" local account to do all user customisations before copying it up to the netlogon share rather than using the default profile - which works fine but has none of our app customizations built in - unless I start look at importing reg keys etc;

So here are my steps;

Login to the gold image machine as .\mandatory
1. Open Regedit
2. Right Click on HKCU and give the following full permissions logging in as a domain admin first
a. Everyone
b. All Application Pools
c. Authenticated Users
4. Close Regedit
This is essentially instead of doing it via loading the hive - which seems to really help the start menu (I think)

5. Reboot the machine
6. Login as domain administrator run Windows Enabler
7. Copy the profile to \\%domaincontroller%\netlogon\profiles\johnpaul.v5 with everyone as permissions
8. Change a user to use that as their profile
9. Reboot the computer (giving AD enough time to replicate)
10. Login as that user
11. Start Menu is clickable and edge works on the task bar


It does not pull in the start menu xml that we have configured, nor the start menu contained within the mandatory profile, but the start menu is fully clickable!

I think other ways I have read on mandatory profiles about loading the hive from another machine didn't work because the DeviceAccess registry key seems to be permanantley locked even if I give everyone full permission - if I do it locally and then export the full mandatory profile it works.

In anticipation

John Paul