Nov 29 2018 09:32 PM - edited Nov 29 2018 09:36 PM
Hi everyone,
I'm not sure if I'm missing something here and please correct me if what I'm doing is not possible or by design.
I'm setting up an Android tablet for single application use in Kiosk mode. I'm using a QR code to enrol the device and get it configured. Everything is working perfectly *except* no device password is being applied and I can specifically see the password policies failing to apply.
I've configured the device password in the same policy that deploys the single use app. So... Device Configuration -> Profiles -> Platform = Android Enterprise, Profile Type = Device Restrictions (Device Owner). I've enforced to at least use a numeric pin, minimum lenght = 4, Keyguard = Not configured.
My question ultimately is ..... is it possible to configure a device/screen lock password/pin on a kiosk device? My use case here is the device is for single app use, by a trusted person. The person will know the pin to unlock the device, but the device does not have any other purpose than running this one application, and the device should not be used for anything else other than running this one application.
I can see all the settings I've configured applying successfully, except the device password ones.
Any advise on if this is possible and if so, where I can start troubleshooting?
Dec 03 2018 05:33 AM
SolutionThis is by design in Android Enterprise - Dedicated Devices (Kiosk) mode. You can configure the PIN/password via compliance or configuration policy but it doesn't get enforced as there is no Company Portal on the device in this scenario. The solution is to include in your documentation and processes that the owner/technician sets up a PIN after device is setup.
Dec 03 2018 08:12 PM
Thank you very much for replying Shuchi. This is good to know.
Mar 01 2019 04:14 AM
Aug 07 2019 03:22 AM
Aug 14 2019 04:27 PM
@Durrante I would expect it to work in that scenario. Forcing a PIN complexity is a very big deal for user assigned devices.
Aug 15 2019 05:50 AM
If you use a 3rd party app to set a PIN, the policies to indeed get enforced - you just need to get the initial PIN there.
We wrote our own little app to do this function and is pushed down to the clients as part of the profile.
Aug 15 2019 05:59 AM
@Brett James , so there's no way of setting a pin requirement via Intune natively?
Oct 22 2019 08:56 AM
@Noel FaircloughAnd @microsoft
I am in a "worst case scenario" with passcode forcing:
Quite a few lessons learned there, but no way to get my device back for know while I have global admin on our tenant.... Any help welcomed.
Jul 22 2020 04:23 PM
Sep 17 2020 04:15 AM - edited Sep 17 2020 04:16 AM
@Shuchi Mehta How does one set up PIN on device after device setup? (kiosk)
Sep 17 2020 04:23 AM
@Eaglebeek76 In my use case, I have the policy configured to Exit Kiosk Mode with a PIN. So, once you exit Kiosk Mode (by pressing back button on screen multiple times) you can get to the settings app on device and then Set the screen lock as PIN.
Sep 17 2020 04:30 AM
@Shuchi Mehta Before I try this, how does one reenter kiosk mode?
Sep 17 2020 04:35 AM
@Eaglebeek76 you would swipe up (or go to apps) and search for Managed Home screen app. Once you click on that it takes you back to the Kiosk Mode/screen.
Dec 03 2018 05:33 AM
SolutionThis is by design in Android Enterprise - Dedicated Devices (Kiosk) mode. You can configure the PIN/password via compliance or configuration policy but it doesn't get enforced as there is no Company Portal on the device in this scenario. The solution is to include in your documentation and processes that the owner/technician sets up a PIN after device is setup.