How to create a "temporary" Windows account?

1

HR requested that I prepare a machine / laptop for potential candidates to create a sample app on during interviews.

I'd need the account to "clean" itself after log-off, basically (i.e. delete everything the user does on the local machine when they're done). The user would definitely NOT be a local admin, shouldn't be able to install new apps but have access to what's already installed on the system, and possibly a specific network location where the candidate could store their work for review (or in case of a system crash or something unexpected).

I'm pretty sure I've witnessed such temporary accounts in a Windows environment before, but I can't find any reliable documentation about achieving this. How would one go about creating such an account? Is this a per-machine setting, or can this be somehow defined via GPOs (the latter would be ideal, as then it would be easier to replace the machine / laptop)?

PS. I know there's such a thing as a "guest" account in Windows. But if memory serves, it doesn't clean itself. I'm also not sure on how easy it would be to set up a access to a network location for such an account.

Shaamaan

Posted 2019-08-28T08:55:56.207

Reputation: 354

Because there isn't such a thing. Create it and delete it afterwards. You can get the message that you've been logged on with a "temporary" profile if there are issues during login but it's not what you're looking for. Create a profile, let someone use it and delete it afterwards. – Seth – 2019-08-28T09:06:29.127

Hmm, if memory serves, the built-in "Guest" account is special exactly because it does clean itself... But maybe you want the kind of software that libraries and schools use to "freeze" the entire machine? – user1686 – 2019-08-28T09:08:54.850

1The temporary accounts you witnessed are a fallback behavior that occurs when an account’s profile is corrupted. Not something I’d recommend. – Daniel B – 2019-08-28T12:01:23.610

@Seth I could be wrong, but I'm almost certain I've seen this type of scheme in use at my school back when I was a student. Alas, that was quite a while ago, so my memory might indeed be fuzzy. Wouldn't it be possible to create a script that'd clean the profile and have that run on logoff? In any case, if you feel that it's impossible, feel free to make this into an official answer. If that ends up being the case, I'll definitely accept it. – Shaamaan – 2019-08-28T12:08:08.407

If you run a script just have a script that deletes the whole account and creates a new one. Probably easier than just "cleaning up". Your school was likely using a different approach like freezing the whole machine and discarding changes on reboot. As mentioned by @grawity . There are various solutions for this (hardware and software based). Standard local user accounts don't offer what you're looking for.

– Seth – 2019-08-28T12:30:13.047

Answers

1

Don't have enough reputation to make a comment so I'll post this as an answer.

I think you should look into Shared PC mode. This might be exactly what you're looking for.

sevi

Posted 2019-08-28T08:55:56.207

Reputation: 74

0

To create a sample app and to save things on your network, I suggest using a Standard Account (not Guest). You can make this up on the Local Machine, or, if you have a domain, make this user up in AD. Either way, make sure the user is Standard and NOT Administrator.

Try that. A person (administrator) may need to authorize certain things about the App (but we do not know this at this point)

John

Posted 2019-08-28T08:55:56.207

Reputation: 5 395

Unfortunately a -1 from me. Creating a standard account doesn't solve the requirement of having the Windows profile "clean" itself after use. In case this wasn't a clear requirement I've edited the question. – Shaamaan – 2019-08-28T11:40:30.237

A guest account will clean itself, but will not provide the access you want. Set up a Standard Account (account - 1), delete it after use, and then make account - 2. That is about the only way you can do this – John – 2019-08-28T11:53:31.200

Asked: 2019-08-28T08:55:56.207

Viewed: 64 times

Active: 2019-08-28T11:41:41.030