Shared devices – Deployments of apps, WebApps, Store apps, scripts, and configuration profiles work perfectly for the first person logging in, but fail on subsequent users

Has anyone got a RELIABLE solution when managing shared devices?

Summary of issues –

Deployments of apps (exe and MSI), WebApps, Microsoft Store apps, scripts, and configuration profiles work perfectly for the first person logging in.

On secondary user login (and subsequent users), these do not work consistently.

Microsoft Store Apps can be delayed by several hours or multiple reboots before fully installed.

Configuration profiles have major issues applying, and in some instances fail to apply at all.

In particular, I cannot deploy a solution that applies to secondary and subsequent logins.

OST solution –

I have create three different solutions for disabling OST creation.

All three work on initial user login, but not on subsequent users

PowerShell script – Create registry entries to block OST creation

Config Profile – Do not allow an OST to be created

Config Profile – Use Cached Exchange Mode for new and existing Outlook profiles (Disabled)

This issue happens on both Windows 10 Pro devices and Windows 10 Enterprise devices.

It happens when using a DEM account – Device Enrollment Manager as well as autopilot devices.

It happens in my dev environment and my client’s production environment.

Has anyone got a RELIABLE solution when managing shared devices?
I have a workaround for WebApps not deploying reliably (a PowerShell script to create favorites shortcuts to the Public Desktop), but Config Profiles failing is a pretty big issue. If my OST config profiles aren’t applying correctly, does that mean my Device Restriction config profiles are failing too.
I have logged a ticket with Microsoft support and I am waiting for a follow-up from them.