From f77abdee3a4f2bec8dd883ff0b2fa4d9ca5e1fd1 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 4 Feb 2024 16:12:07 -0500 Subject: [PATCH] Fix bug in login functionality --- .../kiosk/quickstart-restricted-experience.md | 139 +++++++++++++++++- 1 file changed, 138 insertions(+), 1 deletion(-) diff --git a/windows/configuration/kiosk/quickstart-restricted-experience.md b/windows/configuration/kiosk/quickstart-restricted-experience.md index 71bda92793..c4e4978e56 100644 --- a/windows/configuration/kiosk/quickstart-restricted-experience.md +++ b/windows/configuration/kiosk/quickstart-restricted-experience.md @@ -41,13 +41,67 @@ under the "Prerequisites" H2, enter "None" in plain text POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-Type: application/json -{ "id": "00-0000-0000-0000-000000000000", "displayName": "_MSLearn_Example", "description": "Collection of settings for Assigned Access", "roleScopeTagIds": [ "0" ], "@odata.type": "#microsoft.graph.windows10CustomConfiguration", "omaSettings": [ { "@odata.type": "#microsoft.graph.omaSettingString", "displayName": "AssignedAccess_Configuration", "description": null, "omaUri": "./Vendor/MSFT/AssignedAccess/Configuration", "secretReferenceValueId": null, "isEncrypted": true, "value": "< ?xml version=\"1.0\" encoding=\"utf-8\" ?>\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n" }, { "@odata.type": "#microsoft.graph.omaSettingInteger", "displayName": "EnableTouchKeyboardAutoInvokeInDesktopMode", "description": null, "omaUri": "./Device/Vendor/MSFT/Policy/Config/TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode", "secretReferenceValueId": null, "isEncrypted": false, "value": 2, "isReadOnly": false }, { "@odata.type": "#microsoft.graph.omaSettingInteger", "displayName": "HideRecommendedSection", "description": null, "omaUri": "./Device/Vendor/MSFT/Policy/Config/Start/HideRecommendedSection", "secretReferenceValueId": null, "isEncrypted": false, "value": 1, "isReadOnly": false }, { "@odata.type": "#microsoft.graph.omaSettingInteger", "displayName": "DisableSearch", "description": null, "omaUri": "./Device/Vendor/MSFT/Policy/Config/Search/DisableSearch", "secretReferenceValueId": null, "isEncrypted": false, "value": 1, "isReadOnly": false }, { "@odata.type": "#microsoft.graph.omaSettingInteger", "displayName": "TurnOffWindowsCopilot", "description": null, "omaUri": "./User/Vendor/MSFT/Policy/Config/WindowsAI/TurnOffWindowsCopilot", "secretReferenceValueId": null, "isEncrypted": false, "value": 1, "isReadOnly": false } ] } +{ "id": "00-0000-0000-0000-000000000000", "displayName": "_MSLearn_Example", "description": "Collection of settings for Assigned Access", "roleScopeTagIds": [ "0" ], "@odata.type": "#microsoft.graph.windows10CustomConfiguration", "omaSettings": [ { "@odata.type": "#microsoft.graph.omaSettingString", "displayName": "AssignedAccess_Configuration", "description": null, "omaUri": "./Vendor/MSFT/AssignedAccess/Configuration", "secretReferenceValueId": null, "isEncrypted": true, "value": "< ?xml version=\"1.0\" encoding=\"utf-8\" ?>\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n" } ] } ``` #### [:::image type="icon" source="../images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) +```xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + Follow the steps in [Apply a provisioning package][WIN-2] to apply the package that you created. +#### [:::image type="icon" source="../images/icons/provisioning-package.svg"::: **PowerShell**](#tab/ppkg) + Configure your devices using PowerShell scripts via the [MDM Bridge WMI Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal). For more information, see [Using PowerShell scripting with the WMI Bridge Provider](/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider). > [!IMPORTANT] @@ -65,6 +119,89 @@ Edit the following sample PowerShell script to: - Change the kiosk user tile name displayed in the sign-in screen with **$userTileName** ```powershell +$eventLogFilterHashTable = @{ + ProviderName = "Microsoft-Windows-AssignedAccess"; + StartTime = Get-Date -Millisecond 0 +} + +$namespaceName="root\cimv2\mdm\dmmap" +$className="MDM_AssignedAccess" +$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className +$obj.Configuration = [System.Net.WebUtility]::HtmlEncode(@" + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +"@) + +$obj = Set-CimInstance -CimInstance $obj -ErrorVariable cimSetError -ErrorAction SilentlyContinue +if($cimSetError) { + Write-Output "An ERROR occurred. Displaying error record and attempting to retrieve error logs...`n" + Write-Error -ErrorRecord $cimSetError[0] + + $timeout = New-TimeSpan -Seconds 30 + $stopwatch = [System.Diagnostics.Stopwatch]::StartNew() + do{ + $events = Get-WinEvent -FilterHashtable $eventLogFilterHashTable -ErrorAction Ignore + } until ($events.Count -or $stopwatch.Elapsed -gt $timeout) # wait for the log to be available + + if($events.Count) { + $events | ForEach-Object { + Write-Output "$($_.TimeCreated) [$($_.LevelDisplayName.ToUpper())] $($_.Message -replace "`n|`r")" + } + } else { + Write-Warning "Timed-out attempting to retrieve event logs..." + } + + Exit 1 +} + +Write-Output "Successfully applied Assigned Access configuration" ``` ---