Intune multi app kiosk mode using the new Microsoft Edge

Blog » Intune multi app kiosk mode using the new Microsoft Edge

Introduction

This is my notes while playing around with kiosk. I was testing the brand-new Kiosk setting for the new Microsoft Edge and the only result I got out of that was a non-working device. Eventlog saying MDM Session: Failed to get AAD Token for sync session User Token: (Unknown Win32 Error code: 0xcaa10001) Device Token: (Incorrect function.). I must mention that it was right after its release and later tests has worked just fine.

So why make a blog post for kiosk using multi app mode? Well because this method just works!

A huge thanks to Microsoft MVP Peter Klapwijk for making a blogpost for multi kiosk environment which helped me in the right direction.

Requirements

Microsoft Endpoint Manager
Windows 10, version 1809 or later, but recommend 1903 or higher as there are so many random TPM errors on 1809.
Azure AD join only
Physical device with TPM 2.0 (virtual machine is not supported);
For more in-depth information see official docs here and also Michael Niehaus’s deep insight into Autopilot self-deploying mode here

Components in Intune to get multi app kiosk to work

Azure AD group
Autopilot profile
Microsoft Edge application
Kiosk policies
Powershell script
Power Settings

Creating Azure AD Group

Go to Groups

Press New group

Create Group name

Choose membership type

Press Add dynamic query

In the right side – Click Edit

Insert a rule that gather all autopilot enabled devices with the Grouptag ID “Tabulex-SFO-FRE” (You can call it whatever you like. Just make sure to keep changing GroupTag throughout the guide)

Click OK

Click Save

Creating Autopilot profile

Go to Devices

Enroll devices

Press Deployment Profiles

Create profile -> Windows PC

Give it a name

Press next

Set Deployment mode

Apply device name template

Enter a name (we will use KIOSK-M-A-1234 which will be M for Multi, A for App and 4 random numbers)

Press next

Add groups

Search for the group created in the first section

Select it

Press select

Review your settings and press Create

Creating Microsoft Edge application

Go to Apps

Select Windows

Select Add

Select Microsoft Edge

Press select in the bottom

You can reuse your Microsoft Edge if that already exist, but I like to keep it separate. (It is no different from the default Edge installation)

Press Next

Press Add group

Search for the group created in the first section

Select it

Press select

Press Next

Review your settings and press create

Creating Kiosk profile

Go to Devices

Go to Windows

Go to Configuration profiles

Create profile

Choose Platform

Choose Profile type

Search for kiosk

Press template name – Kiosk

Press create

Give it a name

Press next

Select a kiosk mode

Select Add Win32 app

Application name: Microsoft Edge

Executable file: %ALLUSERSPROFILE%MicrosoftWindowsStart MenuProgramsKiosk.lnk

AUMID: MSEdge

Press OK

(You may wonder why we point to a lnk file. It will make sense later in this guide)

Press yes in Autolaunch

Press next

Add groups

Search for the group created in the first section

Select it

Press select

Press Next

Review and press create

Applying powershell script

Download this script

Change URL accordingly to what you need it to show (tip: you can see all Edge kiosk possibilities here and add as you need)

Save the script

Go to Devices

Go to Windows

Go to PowerShell script

Press Add

Add name

Press Next

Add script

Press next

Press Add groups

Search for the group created in the first section

Select it

Press select

Review and press add

Applying Microsoft Edge policies

Go to Devices

Go to Windows

Go to Configuration profiles

Create profile

Choose Platform

Choose Profile type

Press create

Add Name

Press Next

Add settings

Search for “Power”

Tick the 2 results

(If your device goes to hibernate or other sleep states, you can add from the category “power” as well to prevent that)

Enable the settings and set it to 0

Press Next

Press Add groups

Search for the group created in the first section

Select it

Press select

Press Next

Press next

Review settings and press create

Summary

That’s it folks. How to create a Kiosk device that works very nicely with the ongoing Microsoft Edge versions. You can use the Kiosk mode for many purposes, and this just showed how to come around with a single app in a multi app kiosk mode. Here is a video on the end result.