Windows 11 kiosk with multiple Azure AD users

Alistair Russell 20 Reputation points
2023-09-06T14:08:50.1933333+00:00

Looking for some assistance with deploying single-app kiosk mode with multiple Azure AD shared users.

 

Overview

  • An Intune configuration policy has been created for a single-app kiosk mode using Microsoft Edge.
  • User logon type is set to Azure AD user or group
  • Multiple Azure AD users have been added to the logon list in the policy

 

Experience (Single Azure AD user configured in the policy)

  • Deployment succeeds as expected and device goes into kiosk mode with Microsoft Edge application auto launched

 

Experience (Multiple Azure AD users configured in the policy)

  • Deployment fails to put the device into kiosk mode
  • Following errors are recorded on the device:
      • Event ID 32000 - Invalid account!, ErrorCode(0x80070534)
      • Event ID 32000 - Config element validation failed, ErrorCode(0x80070534)
      • Event ID 32000 - AssignedAccess configuration failed, ErrorCode(0x80070534)
  • Following errors are recorded for the kiosk configuration profile for the device:
      • AssignedAccessConfigurationV4 Error -2016281112 (0x87d1fde8)

 

Additional Information

  • The device is running Windows 11 21H2 (OS Build 22000.2295)
  • Microsoft documentation states this is a known issue when the kiosk policy has an Azure AD Group targeted for login. Their workaround is to add individual users to the list; this, however, does not work.

 

Thanks

Windows 11
Microsoft Intune

2 answers

  1. Deleted


  2. ZhoumingDuan-MSFT 8,840 Reputation points Microsoft Vendor
    2023-09-07T05:34:10.2733333+00:00

    @Alistair Russell, Thanks for posting in Q&A. 

    From your description, we know that when you sign in to a device in kiosk mode with multiple Azure AD users, you can't set the device to kiosk mode.

    For this issue, I did the same test with your configuration and encountered the same error message; it may be that the XML file you deployed is not correctly recognized by the CSP. We recommend that you open a case by following the link below for more help.

    Get support in the Microsoft Intune admin center - Microsoft Intune | Microsoft Learn

    Thanks for your kind understanding.

