deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 13:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/configuration/shell-launcher/configure.md
Paolo Matarazzo 4d1b2a34ac updates
2025-02-27 07:16:39 -05:00

3.7 KiB
Raw Blame History

title, description, ms.date, ms.topic
title description ms.date ms.topic
Configure a kiosk with Shell Launcher Learn how to configure a Windows kiosk with Shell Launcher. 10/31/2024 overview

Configure a kiosk with Shell Launcher

The configuration of Shell Launcher is done using an XML file. The XML file is applied to the device via the Assigned Access CSP, using one of the following options:

  • A Mobile Device Management (MDM) solution, like Microsoft Intune
  • Provisioning packages
  • The MDM Bridge WMI Provider

To learn how to configure the Shell Launcher XML file, see Create a Shell Launcher configuration file.

[!INCLUDE tab-intro]

:::image type="icon" source="../images/icons/intune.svg"::: Intune/CSP

You can configure devices using a custom policy with the AssignedAccess CSP.

  • Setting: ./Vendor/MSFT/AssignedAccess/ShellLauncher
  • Value: content of the XML configuration file

Assign the policy to a group that contains as members the devices that you want to configure.

:::image type="icon" source="../images/icons/provisioning-package.svg"::: PPKG

[!INCLUDE provisioning-package-1]

  • Path: SMISettings/ShellLauncher
  • Value: depends on specific settings

[!INCLUDE provisioning-package-2]

:::image type="icon" source="../images/icons/powershell.svg"::: PowerShell

[!INCLUDE powershell-wmi-bridge-1]

$shellLauncherConfiguration = @"

# content of the XML configuration file

"@

$namespaceName="root\cimv2\mdm\dmmap"
$className="MDM_AssignedAccess"
$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
$obj.ShellLauncher = [System.Net.WebUtility]::HtmlEncode($shellLauncherConfiguration)
$obj = Set-CimInstance -CimInstance $obj -ErrorVariable cimSetError -ErrorAction SilentlyContinue
if($cimSetError) {
    Write-Output "An ERROR occurred. Displaying error record and attempting to retrieve error logs...`n"
    Write-Error -ErrorRecord $cimSetError[0]

    $timeout = New-TimeSpan -Seconds 30
    $stopwatch = [System.Diagnostics.Stopwatch]::StartNew()
    $eventLogFilterHashTable = @{ LogName='Microsoft-Windows-AssignedAccess/Admin' }
    do{
        $events = Get-WinEvent -FilterHashtable $eventLogFilterHashTable -ErrorAction Ignore
    } until ($events.Count -or $stopwatch.Elapsed -gt $timeout) # wait for the log to be available

    if($events.Count) {
        $events | ForEach-Object {
            Write-Output "$($_.TimeCreated) [$($_.LevelDisplayName.ToUpper())] $($_.Message -replace "`n|`r")"
        }
    } else {
        Write-Warning "Timed-out attempting to retrieve event logs..."
    }

    Exit 1
}

Write-Output "Successfully applied Shell Launcher configuration"

[!INCLUDE powershell-wmi-bridge-2]

Tip

For practical examples, see the Quickstart: configure a kiosk experience with Shell Launcher.

User experience

After the settings are applied, the users that are configured to use Shell Launcher will execute the custom shell after sign-in.

Depending on your configuration, you can have a user to automatically sign in to the device.

Next steps

[!div class="nextstepaction"] Learn how to configure the Shell Launcher XML file:

Create a Shell Launcher configuration file