How to setup a Windows 10 single app kiosk using Intune.

Want a fast and easy way to setup a Windows 10 kiosk ? Intune to the rescue!

Kiosk configurations in Intune is assigned to device. In this example we will use a AzureAD account for the kiosk user.

First create a user in AzureAD that you want to use for your kiosk.

AzureAD -> Users -> New User

Now lets create a device group where we want to put all our kiosk devices.

AzureAD -> Groups -> New Group

If you already have a device you can add it to the group now, or you can do it later.

Now we need to find the AUMID of the appx we want to run in kiosk mode. In this example i will use edge.

Log on to a windows 10 machine and open powershell. And paste the following code

$installedapps = get-AppxPackage
$aumidList = @()
foreach ($app in $installedapps)
{
foreach ($id in (Get-AppxPackageManifest $app).package.applications.application.id)
    }
$aumidList += $app.packagefamilyname + "!" + $id
    }
}
$aumidList

You will now get a list of AUMID’s in this example we are looking for edge

As you can see the AUMID for edge is Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge

Now we need to create a profile so we can assign this app to run in kiosk mode.

Intune -> Device Configuration -> Profiles -> Create Profile

Name the profile and select “Windows 10 and later” as platform, then set the profile type to “Device restrictions” next click the “Configure” button.

 

Select “Kiosk (Preview)” then set “Kiosk Mode” to “Single app kiosk” enter your user account and the Application user model ID of the app as we did earlier in this post.

TIP1: If using auto logon you should probably use a local account for the kiosk. But in this example we use an AzureAD account. Any AzureAD account assigned must be written like this “AzureDAusername@domainname.com

TIP2: If you want to run a legacy Win32 application you need to use “Multi app kiosk” as the “Kiosk Mode

Now create this setting and lets assign it to the device group made earlier.

Select the “Kiosk – Edge” profile.

Go to Assignments -> Select groups to include -> Your device group -> Select

Then click “Save

Now wait a little bit and see if it shows up in the Device Configuration -> Profiles -> “Kiosk – Edge” -> Device Status

TIP: If the client doesn’t show up or says pending try to sync it.

This is how it will look at the user side.

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s