This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 42%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENG%3C/text%3E%3C/svg%3E)
My organization wants to deploy Kiosk computers that will be available to the public in our waiting rooms, but since the public will be using these computers, we ideally want to use a Kiosk profile so that they are basically only able to browse the web. That being said, we have been able to successfully accomplish this in the past when we were mainly still using Windows 10, but now we have moved completely to Windows 11 for security reasons, mostly because our organization needs to be HIPAA compliant and my supervisor is very intent on staying with Windows 11.
Previously, we have been able to push out a Kiosk Edge browser through Intune that had the ability to automatically end the browser session after a certain duration, or manually if you clicked on the End Session button. Now that we have "upgraded" to Windows 11, we have had nothing but constant issues trying to get the same thing back up and running. I am now aware that the Multi app kiosk mode does not work on Windows 11 as of writing this on 4/12/2024, so we are currently stuck with using Single app, full-screen kiosk mode instead, I have taken a screenshot of the current configuration in Intune below.
Currently these configuration settings seem to actually work fine, but I would like to be able to see the navigation bar/URL bar, tabs that are open for the current session. Currently all of these are hidden, and I can't seem to find anywhere in Intune. It should be noted that under the Application type section, you can clearly see Add Kiosk browser, but unfortunately this does not work either, since whenever I try to use it, I get a blue screen with the following error: We weren't able to start your app. Press Ctrl + Alt + Del to sign out or contact your system admin. For more info, search online for error code: 0x80073cf1.
As for the other two options Add Microsoft Edge Legacy browser and Add Store app, I haven't had much luck with either. For the former, I will admit I have not attempted to use it, but it doesn't seem like something that I would want to use, maybe I am wrong, please let me know if I am. For the latter, I don't have the ability to add an Edge Kiosk browser app, so I can't really test it all that much.
I have tried to use the current config and also try and modify registry settings to try and force the URL/navigation bars to show at the top of the screen instead of just being able to see the browser's viewport, but I get an error whenever I try this, I do not currently have the error message on hand, but I think it was something semi-generic, no specific error codes or anything like that.
Additionally, autologon does not seem to work either, as we would like the laptop to automatically login so that our intended users do not need to worry about knowing the credentials in order to use the computer for basic web browsing. This is especially important as our intended users are very technologically illiterate and I would like to avoid needing to go over and show them how to login each time, especially since I am one of the few IT staff for our whole organization and my time is already stretched thin. Specifically, it seems that whenever autologon is configured in the registry, the AutoAdminLogon key changes from a value of 1 to 0 upon reboot, which I believe also triggers the DefaultPassword key to be removed. The DefaultUserName and DefaultDomainName keys stay as they were and do not get changed or deleted. If it matters, all of the previously mentioned registry values were added as strings, or REG_SZ keys. I have also found somewhere online that someone suggested to add a registry key with the name DevicePasswordLessBuildVersion as a REG_DWORD with the value of 2, but this didn't seem to do anything.
The registry location for the autologon keys that I refer to above are located here: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
The registry location for the DevicePasswordLessBuildVersion key that I refer to above is located here: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device
Let me know if there is any other information that I need to include, I've spent way too much time on this issue already, so any help or guidance is most welcome.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Nathan Gelderbloom, Thanks for posting in Q&A. Based on my testing on windows 11 21H2., when I deploy the single app kiosk mode with the similar setting as yours, I find on the device side, the Edge is with address bar and End Session button as well.
For your affected device, what is the windows 11 version? If we upgrade to the latest windows 11 version, will it get the same issue?
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I did not mention this in my original post, but our organization follows a lot of the recommendations that CIS posts on their benchmarking site (specifically CIS Microsoft Windows 11 Enterprise Benchmark v2.0.0), especially since we are HIPAA compliant. After making my post I have discovered that even though I had made the test device exempt from those policies, some of the policies did not get removed, and thus some of the registry entries related to said policies were still on the device. Also, I doubt that it matters too much, but we are on 23H2 and not 21H2.
As of right now, we are reimaging the laptop to try and start from a clean slate. We have also added the name of the laptop to the dynamic membership rules in such a way where it will never get added to the group that is responsible for pushing out all of the CIS benchmark policies. Crossing my fingers that this work around works. Thank you for confirming that the Kiosk policy still does work. I will reply again when I've finished reimaging the test laptop and have tested the Kiosk configuration.
Unfortunately, even after reimaging the device so that it does not have any of the CIS policies on it, it still does not seem to be cooperative. This is what I see as soon as I log onto the kiosk user, which is something that I have run into previously, as stated in my initial request, it seems to be the same error code too.
Not everything is all doom and gloom though, I did notice that after I upgraded from Windows 10 to Windows 11 during the imaging process, the Kiosk user popped up immediately, and I did not even need to do anything to switch to that user, which was what I needed to do all other previous times. So making a little progress, but not quite there yet.
@Nathan Gelderbloom, Thanks for the reply. From your description, I know the OS is with the latest version and we have removed other policies and reimaged the device, but the Edge seems unable to open with issue. For this issue, I suggest open case to do troubleshooting. Thanks for your understanding.
This was what I was doing for troubleshooting, how else would you suggest that I do it?
@Nathan Gelderbloom, For the error code, after researching, I didn't find any link describe this. So I don't have any other suggestion on it. For this issue, I think it needs to engage windows and Edge support to see if there's any logs they can check to get more finding.
