Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Windows 11
  • Intune
  • GitHub
  • About
CCMEXEC.COM – Enterprise Mobility

Configure Windows 11 Start Menu folders using PowerShell

Posted on October 21, 2021February 2, 2022 by Jörgen Nilsson

One of my favorite features in Windows 11 is the folders we can enable on the Start Menu. They are discrete and easy to access. Unfortunately, the Start Menu folders are not enabled by default which I would very much approve if they were! These are the folders we are talking about.

They can manually be turned on in Settings > Personalization > Start > Folders as shown below.

We can however enable them using CSP in Windows 11 but there is no way of doing it using Group Policy or registry settings. More information on the CSP can be found here: Policy CSP – Start – Windows Client Management | Microsoft Docs
What we can do is use the MDM WMI Bridge provider to set these settings using PowerShell.
Note: as the MDM WMI Bridge is used the script must be run in System Context. If you want to test it out use PSEXEC for example.
MVP Peter van der Woude has created a great PowerShell script template which can be found here:
Windows 10 MDM Bridge WMI Provider: Settings template – All about Microsoft Endpoint Manager (petervanderwoude.nl) Great work and a real timesaver.

I use the script during OSD to enable the Start Menu folders. They are turned on by the script but the end-user can not turn it off it the like that is the downside. However it does not take up any estate that can be used for anything else so I think it is fine. If the end-user tries to change the values they are greyed out as shown below.


Task Sequence step

I run the script during OSD in my Windows 11 branding group as shown below the script accepts variables for each setting that should be enabled.
The following variables can be used:
-Documents
-Download
-FileExplorer
-HomeGroup
-Music
-Network
-PersonalFolder
-Pictures
-Settings
-Videos
Here is sample screenshot of the step I use in my Task Sequence:

The script is written by my great co-worker Sassan Fanai!
It can also be downloaded from GitHub: MEMCM-OSD-Scripts/Windows11 at master · Ccmexec/MEMCM-OSD-Scripts · GitHub
It can also be used to set the values to Disabled and Not configured.

<#
.SYNOPSIS
    Uses MDM Bridge Provider to configure pinned folders next to the Power button in Windows 11 start menu.
.DESCRIPTION
    Configures the pinned folder next to the Power button in Windows 11 using the MDM Bridge Provider.
    The configured pinned folders will be enforced and can not be disabled by the user (grayed out).
    Credit to Peter van der Woude for his great template for updating MDM policy settings:
    https://www.petervanderwoude.nl/post/windows-10-mdm-bridge-wmi-provider-settings-template/
.PARAMETER AllowPinnedFolder*
    Switch paramters that specifies which folders that should be pinned/unpinned.
    All parameters use default CSP policy name but aliases can be used to shorten their names.
    For example using -AllowPinnedFolderDocuments, -PinDocuments or -Documents will achieve the same results.
.PARAMETER Configure
    Specifies how the folders should be configured: Enabled (default), Disabled or NotConfigured.
.EXAMPLE
    PinStartFolders.ps1 -AllowPinnedFolderDownloads -PinFileExplorer -Settings
.EXAMPLE
    PinStartFolders.ps1 -AllowPinnedFolderDownloads -PinFileExplorer -Settings -Configure NotConfigured
.NOTES
    Version 1.0 (2021-10-11) - Sassan Fanai
    Version 1.1 (2021-10-17) - Sassan Fanai
        Added $Configure parameter

#>
[CmdletBinding()]
param (
    [Alias("PinDocuments","Documents")]
    [switch]$AllowPinnedFolderDocuments,
    [Alias("PinDownloads","Downloads")]
    [switch]$AllowPinnedFolderDownloads,
    [Alias("PinFileExplorer","FileExplorer")]
    [switch]$AllowPinnedFolderFileExplorer,
    [Alias("PinHomeGroup","HomeGroup")]
    [switch]$AllowPinnedFolderHomeGroup,
    [Alias("PinMusic","Music")]
    [switch]$AllowPinnedFolderMusic,
    [Alias("PinNetwork","Network")]
    [switch]$AllowPinnedFolderNetwork,
    [Alias("PinPersonalFolder","PersonalFolder")]
    [switch]$AllowPinnedFolderPersonalFolder,
    [Alias("PinPictures","Pictures")]
    [switch]$AllowPinnedFolderPictures,
    [Alias("PinSettings","Settings")]
    [switch]$AllowPinnedFolderSettings,
    [Alias("PinVideos","Videos")]
    [switch]$AllowPinnedFolderVideos,
    [ValidateSet("Enabled","Disabled","NotConfigured")]
    [string]$Configure = "Enabled"
)

function Update-PolicySetting {
    <#
    .SYNOPSIS
        A simple function to update policy settings by using MDM WMI Bridge
    .DESCRIPTION
        This function provides the capability to adjust policy settings by using the MDM WMI Bridge.
        It supports the capabilities to create, update and remove an instance
    .PARAMETER className
        This parameter is required for the name of the WMI class
    .PARAMETER parentID
        This parameter is required for the name of the parent node of the OMA-URI
    .PARAMETER instanceID
        This parameter is required for the name of the WMI instance, which is the node of the OMA-URI
    .PARAMETER configureProperty
        This parameter is required when configuring a setting and is the name of the property
    .PARAMETER valueProperty
        This parameter is required when configuring a setting and is the value of the property
    .PARAMETER removeInstance
        This switch is used to indicate that the specified variables are used for deleting the WMI instance
    .EXAMPLE
        Update-PolicySetting -className 'MDM_Policy_Config01_Start02' -parentID './Vendor/MSFT/Policy/Config' -instanceID 'Start' -configureProperty 'HideAppList' -valueProperty 1
        This example will run the function and configure a the property to hide the app list in Start
    .EXAMPLE
        Update-PolicySetting -className 'MDM_Policy_Config01_Start02' -parentID './Vendor/MSFT/Policy/Config' -instanceID 'Start' -removeInstance
        This example will run the function and remove the instance of Start
    .NOTES
        Author: Peter van der Woude
        Contact: pvanderwoude@hotmail.com
    #>
        param (
            [Parameter(Mandatory=$true)]$className,
            [Parameter(Mandatory=$true)]$parentID,
            [Parameter(Mandatory=$true)]$instanceID,
            [Parameter(Mandatory=$false)]$configureProperty,
            [Parameter(Mandatory=$false)]$valueProperty,
            [Parameter(Mandatory=$false)][Switch]$removeInstance
        )
        try {
            #Get a specific instance
            $instanceObject = Get-CimInstance -Namespace 'root\cimv2\mdm\dmmap' -ClassName $className -Filter "ParentID='$parentID' and InstanceID='$instanceID'" -ErrorAction Stop
        }
        catch {
            Write-Host $_ | Out-String
        }

        #Verify the action
        if ($removeInstance -eq $false) {
            #Verify if the additional required parameters are provided
            if ($PSBoundParameters.ContainsKey('configureProperty') -and ($PSBoundParameters.ContainsKey('valueProperty'))) {
                #Verify if the instance already exists
                if ($null -eq $instanceObject) {
                    try {
                        #Create a new instance
                        New-CimInstance -Namespace 'root\cimv2\mdm\dmmap' -ClassName $className -Property @{ InstanceID=$instanceID; ParentID=$parentID; $configureProperty=$valueProperty } -ErrorAction Stop
                        Write-Output "Successfully created the instance of '$instanceID'"
                    }
                    catch {
                        Write-Host $_ | Out-String
                    }
                }
                else {
                    try {
                        #Adjust a specific property
                        $instanceObject.$configureProperty = $valueProperty

                        #Modify an existing instance
                        Set-CimInstance -CimInstance $instanceObject -ErrorAction Stop
                        Write-Output "Successfully adjusted the instance of '$instanceID'"
                    }
                    catch {
                        Write-Host $_ | Out-String
                    }
                }
            }
            else {
                Write-Output ">> Make sure to provide a value for configureProperty and valueProperty when creating or adjusting an instance <<"
            }
        }
        elseif ($removeInstance -eq $true) {
            #Verify if the instance already exists
            if ($null -ne $instanceObject) {
                try {
                    #Remove a specific instance
                    Remove-CimInstance -InputObject $instanceObject -ErrorAction Stop
                    Write-Output "Successfully removed the instance of '$instanceID'"
                }
                catch {
                    Write-Host $_ | Out-String
                }
            }
            else {
                Write-Output "No instance available of '$instanceID'"
            }
        }
    }

switch ($Configure) {
    'Enabled' {
        [int]$Value = 1
    }
    'Disabled' {
        [int]$Value = 0
    }
    'NotConfigured' {
        [int]$Value = 65535
    }
}

$PSBoundParameters.Remove('Configure') | Out-Null

if ($PSBoundParameters.Keys.Count -ge 1) {
    $PSBoundParameters.Keys | ForEach-Object {
        Update-PolicySetting -className 'MDM_Policy_Config01_Start02' -parentID './Vendor/MSFT/Policy/Config' -instanceID 'Start' -configureProperty $PSitem -valueProperty $Value
    }
}
else {
    "No folders will be pinned/unpinned. No parameters were specified."
}

12 thoughts on “Configure Windows 11 Start Menu folders using PowerShell”

  1. Pingback: Microsoft Cloud ve Datacenter Management Kasım 2021 Bülten – Sertaç Topal
  2. Sunny Nijjar says:
    January 4, 2022 at 7:34 pm

    Hi Jörgen

    I am trying to use this script in an MDT environment but everytime I try to run this I keep getting the following error:

    The requested operation is not supported

    Any idea how I can resolve this?

    Reply
    1. Jörgen Nilsson says:
      January 5, 2022 at 3:00 pm

      Hi, As we use the PowerShellWMI Bridge you must run the script in System Context. You can try using Psexec.exe which you can use to run it in System Context.

      Regards,
      Jörgen

      Reply
  3. Robert Pascoe says:
    February 2, 2022 at 10:35 am

    Hi Jörgen

    I am trying to run the script via the Powershell ISE, either as the user or running the ISE as administrator & I’m also getting the same error:

    The requested operation is not supported

    Any idea how I can get the script to run?
    Best regards,
    Rob Pascoe

    Reply
    1. Jörgen Nilsson says:
      February 2, 2022 at 10:40 am

      Hi, I have updated the post to make it clear that the script must run in System context. So if you want to test it out you need to use something like Psexec.exe -s to run the script in System context.
      Regards,
      Jörgen

      Reply
  4. Robert Pascoe says:
    February 7, 2022 at 4:42 pm

    Hi, in case it helps others, as it took my a number of hours to figure this out – running in System context (aka NT AUTHORITY\SYSTEM) is different from running as administrator:
    –Download PSTools–
    C:\> PsExec.exe -i -s Powershell.exe
    –In the new window that is opened —
    PS C:\Temp> .\PinStartFolders.ps1 -AllowPinnedFolderDownloads -PinFileExplorer -Settings
    — Settings are now changed —
    Hope this helps others make use of this script as I will!
    Cheers,
    Rob Pascoe

    Reply
  5. Alex says:
    September 28, 2022 at 8:33 pm

    Can you write a script to move start to the left side. Thank you

    Reply
    1. Jörgen Nilsson says:
      October 3, 2022 at 2:12 pm

      Yes will publish it tomorrow!

      Reply
  6. Matt Snead says:
    November 3, 2022 at 1:38 pm

    If this is running in the system context, is it setting these values for all users? Both existing profiles and any future created profiles?

    Reply
    1. Jörgen Nilsson says:
      November 4, 2022 at 4:31 pm

      It will set it for new users. I will write a version that will update existing profiles as well.

      Reply
  7. Sunny Nijjar says:
    January 31, 2024 at 6:31 pm

    Hi Jörgen

    How can I configure this to run via Intune any help or insight would be appreciated

    Reply
  8. blami says:
    February 4, 2024 at 2:17 pm

    Hi Jorgen,
    I came across your article and wanted to add that these can be done through registry. The keys are:

    “`
    New-ItemProperty -Path “HKLM:\Software\Microsoft\PolicyManager\current\device\Start” -Name AllowPinnedFolderPersonalFolder -Value 00000001
    New-ItemProperty -Path “HKLM:\Software\Microsoft\PolicyManager\current\device\Start” -Name AllowPinnedFolderPersonalFolder_ProviderSet -Value 00000001
    “`

    For each folder both AllowPinnedFolder and AllowPinnedFolder_ProviderSet must be created and toggled to 1.

    This requires Explorer restart to take effect.

    Cheers

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
All code is provided "AS-IS" with no warranties.

Recent Posts

  • New settings in Intune Security Baseline Windows 11 24H2 -2504
  • Managing extensions in Visual Studio Code
  • Reinstall a required Win32app using remediation on demand
  • Administrator protection in Windows 11 – First look
  • Remediation on demand script – ResetWindowsUpdate
©2025 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT