I am trying to configure the kiosk mode in windows 11 with multiapps using a powershell script. I found an official guide on Microsoft's website but it doesn't work. The most I have achieved with my code is that I don't get an error when I run it but then when I log in with the kiosk user it automatically unlocks before the desktop appears.
kiosk.ps1:
$nameSpaceName="root\cimv2\mdm\dmmap"
$className="MDM_AssignedAccess"
$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
Add-Type -AssemblyName System.Web
$obj.Configuration = [System.Web.HttpUtility]::HtmlEncode(@"
<?xml version="1.0" encoding="utf-8" ?>
<AssignedAccessConfiguration
xmlns="
http://schemas.microsoft.com/AssignedAccess/2017/config"
xmlns:r1809="
http://schemas.microsoft.com/AssignedAc ... 810/config"
>
<Profiles>
<Profile Id="{564a7931-0289-4d92-bf72-04f4f6db519d}">
<AllAppsList>
<AllowedApps>
<App DesktopAppPath="C:\WINDOWS\SYSTEM32\CMD.EXE" />
</AllowedApps>
</AllAppsList>
<StartLayout>
<![CDATA[<LayoutModificationTemplate xmlns:defaultlayout="
http://schemas.microsoft.com/Start/2014 ... aultLayout" xmlns:start="
http://schemas.microsoft.com/Start/2014/StartLayout" Version="1" xmlns="
http://schemas.microsoft.com/Start/2014 ... dification">
<LayoutOptions StartTileGroupCellWidth="6" />
<DefaultLayoutOverride>
<StartLayoutCollection>
<defaultlayout:StartLayout GroupCellWidth="6">
<start:Group Name="">
<start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationLinkPath="C:\WINDOWS\SYSTEM32\CMD.EXE" />
</start:Group>
</defaultlayout:StartLayout>
</StartLayoutCollection>
</DefaultLayoutOverride>
</LayoutModificationTemplate>
]]>
</StartLayout>
<Taskbar ShowTaskbar="true"/>
</Profile>
</Profiles>
<Configs>
<Config>
<Account>test1</Account>
<DefaultProfile Id="{564a7931-0289-4d92-bf72-04f4f6db519d}"/>
</Config>
</Configs>
</AssignedAccessConfiguration>
"@)
Set-CimInstance -CimInstance $obj
With the code a desktop should appear with the cmd program only.
Maybe someone has an idea how to improve the code to make it work?
When the kiosk user logs in, only the apps defined in the script should appear.
I am trying to configure the kiosk mode in windows 11 with multiapps using a powershell script. I found an official guide on Microsoft's website but it doesn't work. The most I have achieved with my code is that I don't get an error when I run it but then when I log in with the kiosk user it automatically unlocks before the desktop appears.
kiosk.ps1:
$nameSpaceName="root\cimv2\mdm\dmmap"
$className="MDM_AssignedAccess"
$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
Add-Type -AssemblyName System.Web
$obj.Configuration = [System.Web.HttpUtility]::HtmlEncode(@"
<?xml version="1.0" encoding="utf-8" ?>
<AssignedAccessConfiguration
xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
xmlns:r1809="http://schemas.microsoft.com/AssignedAccess/201810/config"
>
<Profiles>
<Profile Id="{564a7931-0289-4d92-bf72-04f4f6db519d}">
<AllAppsList>
<AllowedApps>
<App DesktopAppPath="C:\WINDOWS\SYSTEM32\CMD.EXE" />
</AllowedApps>
</AllAppsList>
<StartLayout>
<![CDATA[<LayoutModificationTemplate xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout" Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification">
<LayoutOptions StartTileGroupCellWidth="6" />
<DefaultLayoutOverride>
<StartLayoutCollection>
<defaultlayout:StartLayout GroupCellWidth="6">
<start:Group Name="">
<start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationLinkPath="C:\WINDOWS\SYSTEM32\CMD.EXE" />
</start:Group>
</defaultlayout:StartLayout>
</StartLayoutCollection>
</DefaultLayoutOverride>
</LayoutModificationTemplate>
]]>
</StartLayout>
<Taskbar ShowTaskbar="true"/>
</Profile>
</Profiles>
<Configs>
<Config>
<Account>test1</Account>
<DefaultProfile Id="{564a7931-0289-4d92-bf72-04f4f6db519d}"/>
</Config>
</Configs>
</AssignedAccessConfiguration>
"@)
Set-CimInstance -CimInstance $obj
With the code a desktop should appear with the cmd program only.
Maybe someone has an idea how to improve the code to make it work?
When the kiosk user logs in, only the apps defined in the script should appear.