Windows 10 Pro Enterprise Education Windows 10 Mobile
Windows 10 Pro Enterprise Education Windows 10 Mobile Enterprise Restrict the device experience for a specific user account to a single universal windows application. Example: • Kiosk type single-function devices Restrict the device experience for one or more functional roles to a curated set of applications and settings. Examples: • Kiosk type single-function devices • Corporate owned lockdown devices for single user • Corporate owned shared devices for multiple users with different roles
Assigned access lets you restrict a specific user account to using only one universal windows app.
high Kiosk app (above lock view) Lock screen app Kiosk app (under lock view) Desktop z order low
• • • Secure Use Provide Manage Add • Test • • Do not MSDN link
Intended for corporate owned task oriented devices Role is a curated lockdown experience Multiple roles can be defined by IT admin Custom login and role switching experience
• • • Start simple Add comments Validate Allow device reset Test
Windows. Embedded. Device. Lockdown APIs Class Method Description Device. Lockdown. Profile Apply. Lockdown. Profile. Async Activates the restrictions associated with the specified user role ID. Get. Current. Lockdown. Profile Gets the user role ID that is currently in use by the device. Get. Lockdown. Profile. Information Gets the information object about a specific user role. Get. Supported. Lockdown. Profiles Gets the list of supported user role IDs. Class Property Description Device. Lockdown. Profile. Information Name Gets the user descriptor string of current profile
protected override void On. Navigated. To(Navigation. Event. Args e) { try { // If the current role is Guid. Empty, then the user is not signed in. Guid current. Role = Device. Lockdown. Profile. Get. Current. Lockdown. Profile(); if (current. Role == Guid. Empty) { Sign. In. Status. Text = "You are not signed in. "; can. Sign. Out = false; } else { Device. Lockdown. Profile. Information current. Profile = Device. Lockdown. Profile. Get. Lockdown. Profile. Information(current. Role); Sign. In. Status. Text = "You are signed in as " + current. Profile. Name; can. Sign. Out = true; } Sign. Out. Button. Is. Enabled = can. Sign. Out; Load. Application. Users(); } catch (System. IO. File. Not. Found. Exception) { root. Page. Notify. User( "Assigned Access is not configured on this device. " , Notify. Type. Error. Message); } }
private void Load. Application. Users() { // Add the available roles. foreach (Guid role. Id in Device. Lockdown. Profile. Get. Supported. Lockdown. Profiles()) { Device. Lockdown. Profile. Information profile = Device. Lockdown. Profile. Get. Lockdown. Profile. Information(role. Id); User. Roles. Items. Add( new List. Box. Item() { Content = profile. Name, Tag = role. Id }); } // If there are roles available, then pre-select the first one and enable the Sign In button. if (User. Roles. Items. Count > 0) { User. Roles. Selected. Index = 0; Sign. In. Button. Is. Enabled = true; } }
private async Task Sign. In. Async() { // Extract the name and role of the item the user selected. List. Box. Item selected. Item = (List. Box. Item)User. Roles. Selected. Item; string selected. Name = (string)selected. Item. Content; Guid selected. Role = (Guid)selected. Item. Tag; // Note that successfully applying the profile will result in the termination of all running apps, including this sample. await Device. Lockdown. Profile. Apply. Lockdown. Profile. Async(selected. Role); }
private async Task Sign. Out. Async() { // Apply the Default role, which is represented by Guid. Empty. // The Default role is the one that is used when nobody is signed in. // Note that successfully applying the profile will result in the termination of all running apps, including this sample. await Device. Lockdown. Profile. Apply. Lockdown. Profile. Async(Guid. Empty); }
<? xml version="1. 0" encoding="utf-8"? > <Package xmlns="http: //schemas. microsoft. com/appx/manifest/foundation/windows 10 " xmlns: mp="http: //schemas. microsoft. com/appx/2014/phone/manifest " xmlns: uap="http: //schemas. microsoft. com/appx/manifest/uap/windows 10 " xmlns: rescap="http: //schemas. microsoft. com/appx/manifest/foundation/windows 10/restrictedcapabilities " Ignorable. Namespaces="uap mp rescap">. . . <Dependencies> <Target. Device. Family Name="Windows. Mobile" Min. Version="10. 0. 10240. 0" Max. Version. Tested="10. 0. 10586. 0" /> </Dependencies>. . . <Capabilities> <rescap: Capability Name="enterprise. Device. Lockdown" /> </Capabilities> </Package>
Set up a kiosk on Windows 10 Pro, Enterprise, or Education Kiosk apps for assigned access: Best practices Configure Windows 10 Mobile using Lockdown XML Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise Windows. Embedded. Device. Lockdown namespace Github - Device lockdown with Azure login sample Enterprise. Assigned. Access CSP Channel 9 Microsoft Virtual Academy
- Slides: 23