Windows Lockdown/ Kiosk

Content

  • Introduction

  • Kiosk Setting

  • User Setting

Introduction

Windows Lockdown/ Kiosk is a standalone tool for device management. Based on the standard client PC’s Kiosk configuration functions.

Note: Internet Explorer will go out of support on Windows 10. Please see more detail information of the Microsoft Website. We recommend you transition to Microsoft Edge, and also we demo is using it.

Runtime requirements

  • Microsoft Windows 10 LTSC x64 asks for at least 4GB of RAM

Client Device tool Lite Revision History

DeviceChecking

Create User and login

After Kiosk service is running, click DeviceChecking icon on desktop, it should automatically jump to the user creation page to open a browser and go tolocalhost:9033/admin/login.

Login: Input Username: admin, Password: admin, click Sign in to login WindowsLockdown / Kiosk.

Kiosk Setting

Kiosk uses the assigned access feature to run a single APP above the lock screen. When the kiosk account signs in, the APP is launched automatically.

Kiosk Mode

  • Shell Launcher

(1) UAC is enabled by default and please turn on Custom Shell manually.

(2) Select User: admin. In Application mode, explorer.exe is the Windows Program Manager and runs in the background of Windows 10 at all times.

(3) User to select option in dropdown list. MS Edge and MS IE shall runs URL program.

(3) Enable/ Disable UAC, please refer below Link: https://articulate.com/support/article/how-to-turn-user-account-control-on-or-off-in-windows-10

Table 1

  • Logon

(1) Fill in User name and Password, and then Save. The system shall automatically log on after next reboot.

(2) Domain: need setup a Active Directory Domain Services. Example as below that setup few simple steps to add client PC to AD DA.

Table 2

  • Boot Option

(1) Log on customization:

Table 3

First logon animation is enabled

Auto logo UI is enabled

Blocked shutdown resolver (BSDR) is enabled

Note: If your PC is running faster or no more apps are running, you cannot see as below pop-up window.

(2) Ctrl + Alt + Del Screen Option

Table 4

Notice:

Change a password, Administrator allow users to change their password.

1. To enable Kiosk mode, the Change a password function automatically disabled. User hit the key combination Ctrl + Alt + Del, the Change a password should always be displayed on the screen but function does not work.

2. To disable Kiosk mode, the Change a password function automatically enabled. User can change their password.

General Settings

  • General

  • Notification

Turn on Open Action Center and Open Notification, Save and reboot the system manually. Enter the desktop and wait few second for EdgeX APP is running. Sliding your finger in from the right side of screen. You can see as below photo that Action Center and Notification function is available.

Table 5

  • USB Storage Control Turn on/ off below function, and then reboot the system manually. The following three options are available.

Table 6

Keyboard

Enable the touch keyboard and no USB keyboard attached, make sure the virtual keyboard works find before you use our utility.

  • Virtual Keyboard

  • Keyboard Filter

Open DeviceChecking > Kiosk Setting > Keyboard, Predefined keys should appear.

Table 7

Note: Keyboard Scan Code Table - Microsoft

https://download.microsoft.com/download/1/6/1/161ba512-40e2-4cc9-843a-923143f3456c/scancode.doc

Unified Write Filter

Unified write filter (UWF), please refer to the link below: http://woshub.com/using-unified-write-filter-uwf-windows-10/

Note: Please disabled UWF first when you need to try other functions.

  1. Click Advanced Settings button to setup Overlay Setting, File Exclustion, and Registry Exclusion. Please refer to the link below: https://learn.microsoft.com/en-us/windows-hardware/customize/enterprise/uwfoverlay

2. Example: set Disk overlay size is 2048 MB.

3. You can check the UWF status using this command: uwfmgr.exe get-config.

4. Setup File Exclusion, when a file or folder is in the exclusion list for a volume, all writes to that file or folder bypass UWF filtering.

5. Registry Exclusion supports below list for a volume, excluding a registry key from filtering also excludes all subkeys from filtering.

6. After setup "Advanced Settings". To enable Disk Protection disk.

7. Turn on Enable Disk Write Filter, then click Save button

8. Reboot your device.

Table 8

App Locker

App Locker, please refer to the link below: Working with AppLocker rules (Windows) - Windows security | Microsoft Learn

  1. Click App Locker button to enable this function.

  2. AppLocker helps you control which apps users can run.

Table 9

User Setting

Admin

Click User Setting > Alarm Setting > Admin. Edit Name, Nickname, and Password.

PreviousDevice Diagnostic DashboardNextRetail System Manager

Last updated