Answer from Microsoft (support email):
1- Shell Launcher v2 and Assigned Access APIs modify machine-level settings under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\ShellLauncher.
2- These changes affect all users, so Windows restricts them to SYSTEM or an elevated process with the right privileges.
3- Simply running as an Administrator often isn’t enough because the Assigned Access service enforces the policy.
Options that might work:

Split Privilege Model
- Keep your main app running under the user account.
- Create a small helper service running as SYSTEM (or LocalSystem) that listens for requests from your app (via IPC or named pipe).
- When the user selects “Run Windows,” the helper performs:
  - Shell reassignment to explorer.exe using Shell Launcher APIs or PowerShell.
  - Initiates logoff.
- This is the most common pattern for kiosk scenarios.

Use Task Scheduler with Highest Privileges
- Your app can trigger a scheduled task configured to run as SYSTEM.
- The task executes the shell switch and logoff.
- This avoids keeping a persistent SYSTEM service but still uses SYSTEM for the sensitive operation.
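
The split-privilege helper described in the reply above, sketched as an added example that is not part of Microsoft's email or any product code: a SYSTEM-side named-pipe listener that accepts only a fixed command name from one account. The pipe name, account name and script path are hypothetical, the admin-owned script is assumed to perform the shell reassignment and logoff, and the code targets Windows PowerShell 5.1.

```powershell
# Added example, not from the Microsoft reply. Run as SYSTEM under Windows PowerShell 5.1.
# Hypothetical names: pipe 'KioskShellHelper', account 'KIOSK01\kioskuser', script path.
Add-Type -AssemblyName System.Core
$PipeName  = 'KioskShellHelper'
$KioskUser = 'KIOSK01\kioskuser'
# Command name -> admin-owned script (assumed to do the shell switch and logoff).
# It lives under Program Files so a standard user cannot replace it.
$Actions = @{ 'RUN_WINDOWS' = 'C:\Program Files\KioskHelper\Switch-ToExplorer.ps1' }

function Resolve-Request([string]$Text) {
    # The client sends a command name only; paths and arguments are never accepted.
    $cmd = $Text.Trim()
    if ($Actions.ContainsKey($cmd)) { $Actions[$cmd] } else { $null }
}

function New-HelperPipe {
    # ACL: SYSTEM full control, the kiosk account read/write, remote clients denied.
    $sec = New-Object System.IO.Pipes.PipeSecurity
    foreach ($r in @(@('NT AUTHORITY\SYSTEM', 'FullControl', 'Allow'),
                     @($KioskUser, 'ReadWrite', 'Allow'),
                     @('NT AUTHORITY\NETWORK', 'FullControl', 'Deny'))) {
        $sec.AddAccessRule((New-Object System.IO.Pipes.PipeAccessRule($r[0], $r[1], $r[2])))
    }
    # A single server instance with small buffers.
    [System.IO.Pipes.NamedPipeServerStream]::new($PipeName,
        [System.IO.Pipes.PipeDirection]::InOut, 1, [System.IO.Pipes.PipeTransmissionMode]::Byte,
        [System.IO.Pipes.PipeOptions]::None, 64, 64, $sec)
}

function Start-Helper {
    $pipe = New-HelperPipe
    $buf  = New-Object byte[] 64
    while ($true) {
        $pipe.WaitForConnection()
        try {
            $n      = $pipe.Read($buf, 0, $buf.Length)      # bounded read, at most 64 bytes
            $target = Resolve-Request ([Text.Encoding]::ASCII.GetString($buf, 0, $n))
            $reply  = if ($target) { 'OK' } else { 'DENIED' }
            $bytes  = [Text.Encoding]::ASCII.GetBytes($reply)
            $pipe.Write($bytes, 0, $bytes.Length)
            $pipe.WaitForPipeDrain()
            if ($target) { & $target | Out-Null }           # privileged action, fixed path only
        } catch {
            Write-Warning "request failed: $_"
        } finally {
            $pipe.Disconnect()                              # keep the pipe, drop the client
        }
    }
}
Start-Helper
```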