Forum Discussion

FloMarks's avatar
FloMarks
Copper Contributor
Apr 13, 2022

Intune doesn't show sync when uses kiosk autostart profile

Goal  We want to use Intune MDM to create kiosk devices with multiple applications. To set up the devices, we use Autopilot with a SelfDeployment profile. The device will be assigned a Kiosk profile...
Intune
Kiosk
Mobile Device Management (MDM)
Synchronize
nhtkid's avatar
nhtkid
Iron Contributor
Interesting.
We run the Zoom Rooms on W10 with Self Deploying enrollment profile and kiosk profile (with default kioskuser0 user only).

We don't have such a problem you described. And we often push out app updates.

Are you doing W32 apps or LOB with MSI?
FloMarks's avatar
FloMarks
Copper Contributor
Apr 13, 2022

Thanks for the answer.

We use Win32 apps the most. So you only use the local kiosk user and don't have a primary user or another account on the device which can trigger the sync?

 

We get the following error every time we sync on such autostart kiosk devices:

 

Failed to get AAD token. len = 34 using client id fc0f3af4-6835-4174-b806-f7db311fd2f3 and resource id 26a4ae64-5862-427f-a9b0-044e62572a4f, errorCode = 3399548929]LOG]!><time="14:43:11.1117969" date="4-7-2022" component="IntuneManagementExtension" context="" type="1" thread="20" file="">
<![LOG[Need user interaction to continue.]LOG]!><time="14:43:11.1117969" date="4-7-2022" component="IntuneManagementExtension" context="" type="1" thread="20" file="">
<![LOG[AAD User check is failed, exception is Intune Management Extension Error.
Exception: Microsoft.Management.Services.IntuneWindowsAgent.AgentCommon.TokenAquireException: Attempt to get token, but failed.

 

nhtkid 

  • nhtkid's avatar
    nhtkid
    Iron Contributor
    Apr 14, 2022
    Interesting! why you are getting AAD user error? How did you configure your kiosk profile?

    We only utilize the default kiosk user. We select "Auto logon" as the log-on type under the kiosk profile, not the local user, not the AAD user.

    And all assignments should go to the device groups.
    • FloMarks's avatar
      FloMarks
      Copper Contributor
      Apr 14, 2022

      nhtkid 

      Mr_Helaas 

      Thanks for the answers!

       

      All our configuration profiles, apps and scripts are assigned to devices and not to users.

      This is our kiosk profile with the autologon function:

      <?xml version="1.0" encoding="utf-8" ?>
<AssignedAccessConfiguration
    xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
    xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config"
	>
	<Profiles>
		<Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">
			<AllAppsList>
				<AllowedApps>
					<App DesktopAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Aplication\msedge.EXE" />
					<App DesktopAppPath="%ProgramFiles(x86)%\TeamViewer\TeamViewer.EXE" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CDViewer.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\concentr.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\cpviewer.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Ctx64Injector64.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CtxBrowserInt.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CtxCFRUI.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CtxTwnPA.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\HdxBrowser.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\HdxRtcEngine.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\icaconf.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\migrateN.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\NMHost.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\pcl2bmp.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\PdfPrintHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\RawPrintHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\redirector.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SetIntegrityLevel.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\ssonsvr.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\WebHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\wfcrun32.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\wfcwow64.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\wfica32.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\XpsNativePrintHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\XPSPrintHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\AuthManager\AuthManSvr.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\AuthManager\PrimaryAuthModule.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\AuthManager\storebrowse.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Browser\Browser.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Browser\CtxWebBrowser.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Browser\HdxBrowserCef.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Citrix Screen Casting for Windows\WinDocker.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CitrixBrowser\CitrixBrowser.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CitrixBrowser\CitrixBrowser_proxy.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CitrixBrowser\native_bridge.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CitrixBrowser\92.1.1.33\chrome_pwa_launcher.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\CitrixBrowser\92.1.1.33\notification_helper.exe.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Drivers64\usbinst.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\Ceip.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\CitrixReceiverUpdater.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\ConfigurationWizard.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\PrefPanel.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\Receiver.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\SRProxy.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\UpdaterService.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\FeatureFlag\CWAFeatureFlagUpdater.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\CrashReporting\crashpad_handler.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\DiagnosticTools\CdfCollector.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\Receiver\DiagnosticTools\DiagnosticTool.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\CemAutoEnrollHelper.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\CleanUp.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\NPSPrompt.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\SelfService.exe" rs5:AutoLaunch="true" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\SelfServicePlugin\SelfServiceUninstaller.exe" />
					<App DesktopAppPath="%ProgramFiles(x86)%\Citrix\ICA Client\x64\ssoncom.exe" />
				</AllowedApps>
			</AllAppsList>
			<StartLayout>
                <![CDATA[<LayoutModificationTemplate xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout" Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification">
                      <LayoutOptions StartTileGroupCellWidth="6" />
                      <DefaultLayoutOverride>
                        <StartLayoutCollection>
                          <defaultlayout:StartLayout GroupCellWidth="6">
                          	<start:Group Name="">
                          		<start:DesktopApplicationTile Size="2x2" Column="0" Row="0" DesktopApplicationLinkPath="%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk" />
                          		<start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationLinkPath="%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk" />
                          		<start:DesktopApplicationTile Size="2x2" Column="4" Row="0" DesktopApplicationLinkPath="%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk" />
                          	</start:Group>
                          </defaultlayout:StartLayout>
                        </StartLayoutCollection>
                      </DefaultLayoutOverride>
                    </LayoutModificationTemplate>
                ]]>
            </StartLayout>
            <Taskbar ShowTaskbar="true"/>
        </Profile>
    </Profiles>
    <Configs>
    	<Config>
 <AutoLogonAccount rs5:DisplayName="Kiosk"/>
            <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
    	</Config>
    </Configs>
</AssignedAccessConfiguration>

       

      • nhtkid's avatar
        nhtkid
        Iron Contributor
        Apr 20, 2022
        Looks similar to ours.

        We are also running Multi-App Kiosk mode with the Auto Logon, which just uses the default Kiosk user.

Resources