OneDrive won't sign out users on Android multi-user kiosk mode

Copper Contributor

Hello,

 

We are trying to configure multiple tablets to be used at a multi-user level in kiosk mode. The devices we're working on are running Android 11 and are model SM-T220. We have enrolled these devices with the Corporate-owned dedicated device enrollment profile and have created a specific configuration profile for the tablets' intended use. One issue we are running into is when a user is logged out and another signs in, the old user's OneDrive account continues to stay logged in where it can be accessed when another user signs in. Looking to see how access to other users' OneDrive accounts can be made inaccessible when logged in with another account. 

Thank you,

Jess

12 Replies
Hi,
The same for Microsoft Sharepoint...
Yes, it seems login for OneDrive and SharePoint is tied (when you log into one, it logs you into the other as well), so the issue carries over. We tried looking into device/app configurations but haven't been able to find anything to solve this.

Did you ever find a resolution? I have a ticket open with Unified Support and they were able to replicate the issue on their end. You'd think they'd test their own apps before clearing this out of preview. 

@newnewluna 

We found a workaround by adding links to the browser pages for OneDrive and SharePoint to the home page as the signout for Edge works, but this would require the tablets to always be connected to wifi, which isn't always an option in our case. No workable solution has been found or offered.

Thank you, i'll give that a shot.
Just wanted to give you guys an update. I figured out the issue and got OneDrive to clear. The individual users signing into the kiosk need to be a part of a group that has an app protection policy applied. That's the only way the app configurations get applied. Let me know if that makes sense.

@newnewluna Can you share which setting in "App protection policies" actually signs the user out? Thanks in advance!

It's not that there's an app protection policy that signs the user out. It's that an App Protection Policy needs to be applied to a user, so that the App Configuration sharedDeviceMode = true applies on app configuration you have.

Let me know if you need more information on Shared Device Mode.

@newnewluna In the app configuration policies for android, i do not have an option to set sharedDeviceMode = true. For IOS the option is available (see attached image), however, we are using andriod.

 

If its not to much trouble, can you provide additional information or configuration screenshots

 

Thank you

you have to type it in manually and it works, have you tried? It's case sensitive I believe.

@newnewluna 

Ok. I got it to work. Thanks for your help and time! 


For those who still cant figure it out...see attached screenshots and information below.
I am still testing some of the settings . if you have any recommendations ill take it.


1. One device group assigned to app configuration policy and configuration profiles
2. User group assigned to app protection policies
3. For the app configuration policies -> configuration settings select json and use the below

{
"kind": "androidenterprise#managedConfiguration",
"productId": "app:com.microsoft.skydrive",
"managedProperty": [
{
"key": "sharedDeviceMode",
"valueBool": true
}
]
}

Hello,

I'm trying to do the same thing,Android multi-user kiosk mode. is this still in use on your devices?

OneDirve on multi-session is operationnal ?

Regards,

@khachik1610