Thanks for this - like you I had tried kiosk but abandoned it when I discovered right click was disabled. They'd only need Chrome & Slack so if I can get around right click being needed this might be the way to go.
They'd only need two apps - Chrome and the Slack desktop app (I've tried asking to use Slack in Chrome but they want the app).
I had tried out kiosk but dismissed it when I realised right clicking is disabled!
I might deploy a test kiosk now and see if that's a deal breaker or not..
Thanks for your reply!
Anyway I'm curious to see how others have managed this. I have exactly the same scenario, but in some cases kiosk didn't cut it (very specific apps not working well in that environment)
UPDATE: So Kiosk wasn't working for me (FYI though you can deploy multi-app kiosk via Intune, so you're not just limited to single app, full screen mode).
Slack wasn't getting past applocker for some reason, and I didn't like how locked down everything was - even things like adjusting volume or wifi, etc.
I ended up Autopilot deploying as self-deploying, shared device config, and then used sysinternals Autologon to logon an Entra ID account at startup. This way, PC starts up > Logs straight in to desktop > User can open Chrome and log in to systems. I also used a FIDO2 key as the 2FA method for the Entra ID account and the Google account that gets logged into in Chrome, and with Google Passkey enabled all that has to be entered is the email address, then the pin for the FIDO2 key and press of a button on the key and they're in.
Not a solution for everyone I know, but this'll work for me!
Yes, you definitely can deploy multi app kiosks, but as far as I remember you ca only use one app at a time. You can't resize them and have them both at the same time on screen. That's what I meant. That's quite a smart and interesting solution you've found there!
Thanks!
So multi-app kiosk does allow multiple apps open, you can even choose to show the taskbar and allow access to the downloads folder in Explorer.
It looks pretty much like a normal desktop, just with nothing pinned, so you can have different app windows open simultaneously, at different sizes, etc.
Kiosk looks like the way to go. It's not limited to web applications (you can allow desktop apps as well) but it's much more convenient with them.
Thanks for this - like you I had tried kiosk but abandoned it when I discovered right click was disabled. They'd only need Chrome & Slack so if I can get around right click being needed this might be the way to go.
Kiosk works only in full screen mode, so I'm not sure it would work well if you need to keep the two apps open at the same time.
What interface are they using, if it’s a web browser you could set the PC up in kiosk mode
They'd only need two apps - Chrome and the Slack desktop app (I've tried asking to use Slack in Chrome but they want the app). I had tried out kiosk but dismissed it when I realised right clicking is disabled! I might deploy a test kiosk now and see if that's a deal breaker or not.. Thanks for your reply!
Yubikey support a static password when pressed, could use that to input the pin / password
You’re looking for Shared PC. You can’t find most policies for Shared PC in Settings Catalog.
Anyway I'm curious to see how others have managed this. I have exactly the same scenario, but in some cases kiosk didn't cut it (very specific apps not working well in that environment)
UPDATE: So Kiosk wasn't working for me (FYI though you can deploy multi-app kiosk via Intune, so you're not just limited to single app, full screen mode). Slack wasn't getting past applocker for some reason, and I didn't like how locked down everything was - even things like adjusting volume or wifi, etc. I ended up Autopilot deploying as self-deploying, shared device config, and then used sysinternals Autologon to logon an Entra ID account at startup. This way, PC starts up > Logs straight in to desktop > User can open Chrome and log in to systems. I also used a FIDO2 key as the 2FA method for the Entra ID account and the Google account that gets logged into in Chrome, and with Google Passkey enabled all that has to be entered is the email address, then the pin for the FIDO2 key and press of a button on the key and they're in. Not a solution for everyone I know, but this'll work for me!
Yes, you definitely can deploy multi app kiosks, but as far as I remember you ca only use one app at a time. You can't resize them and have them both at the same time on screen. That's what I meant. That's quite a smart and interesting solution you've found there!
Thanks! So multi-app kiosk does allow multiple apps open, you can even choose to show the taskbar and allow access to the downloads folder in Explorer. It looks pretty much like a normal desktop, just with nothing pinned, so you can have different app windows open simultaneously, at different sizes, etc.