Context
The PDF reader has reached its end-of-life on June 6, 2022 (official announcement)
I was about to change the software by deploying its new major version from the same release channel but I encountered an undesired end-user experience. The deployment has been stopped because of the following behavior.
Issue
The Reader 2017 is being successfully replaced by the Reader 2020. If there’s a standard user logged on the computer, his pdf file association is broken.
Yes, I pulled the carpet under his feet but neither Microsoft, nor Adobe offer a decent solution to handle it and update it smoothly.
The end-user is being prompted.

Easy, it’s documented on this page. This great but it doesn’t fix the broken pdf file association.
I remembered a similar issue that I posted here in 2018.
Unfortunately it doesn’t help anymore. The security mechanism still sees that there’s something wrong under the UserChoice key. It’s reported in the event log and there’s a reset.

The irony here is that it’s Adobe Reader that resets it but to MSEdgePDF (D’Oh!)

Solution
My solution consists in not allowing a reset to be performed.
I’m setting a temporary Deny rule on the .pdf registry key.

The key is deleted by a logoff script (using reg.exe import to avoid an access denied) and the computer GPO that handles file association using the official guidance from Microsoft and Adobe restores everything beautifully at next logon.
Happy days, PowerShell saved the day again 😎