Android Kiosks in Intune – Part 1
This is a 3-part recipe for making Android Kiosk devices with Intune.
- In the first part, I will explain what a Kiosk device is and give you a list of ingredients you will need to complete this recipe.
- Secondly, I will give you the Intune method of creating a Kiosk profile.
- Finally I will show you how to enroll an Android device into intune using a QR code and show you what it end up looking like.
- Let’s dive into part 1:
But first Coffee. Now let me explain what a “Kiosk” device is. Well suppose you own a coffee shop, and your point of sales (POS) machine is an iPad or an Android Tablet that only runs the POS application so your staff can input orders for barista, tally up bills (checks for the folk in the US) and print out receipts. Try as they might to play Candy Crush, they can’t. The device is locked down to only run that single POS app.
Another example of a kiosk device. If you’ve been to the airport to catch a flight, you might have seen the self service check-in stands? These computers are often no more than a tablet bolted into the stand providing you access to the application which will check you in, maybe scan your passport and print a boarding pass. Again, locked down to a single function, or in some cases multi-functions.
One final example is that courier company that delivers your Organic vegetables to your door – the guys arrives with an Android phone and a stylus. He presents it to you after scanning a barcode with the camera and asks you to “sign” for your delivery. The device also has a GPS sensor and has been tracking the route the driver took to deliver your parcel. All this information is then sent back to the head office or distribution center for analysis. This is another example of a Kiosk device.
Now there are companies out there that specialise in creating these kiosk devices for your company if you are the Coffee shop owner, the Airline company or the Organic Food company, but they require certain hardware and are very expensive.
Microsoft Intune is a cloud service that provides mobile device management, mobile application management, and PC management capabilities. Intune’s mobile productivity management capabilities help organizations provide their employees access to corporate data, applications, and resources, while helping to protect their corporate information. Microsoft Intune is included in Microsoft 365 E3, E5 as well as EM+S E3, E5 or can be bought seperately.
Microsoft Intune Announced support for Android Kiosk Devices in July 2018
Ingredients:
- An Azure tenant with Intune
- An Android device (Android OS version 5.1 and above.)
- A “Managed Google Play Account”
- An Enrollment Profile in Intune
- An Azure AD Security Group Dynamically populated with devices associated with the enrollment profile.
- Microsoft Managed Home Screen Application from the Managed Google Play (Approved)
- QR Scanner (Downloaded automatically. To launch a QR reader on the Android device, tap multiple times on the first screen you see after a wipe)
- Enrollment Profile Token QR code.
- Apps must be approved in the Managed Google Play store
- All apps you want on the device need to be assigned to the device group as well as listed in the Mutli
- App or Apps Approved and Assigned to your device group in Intune. (Single Kiosk or Multi-Kiosk modes)
- Assign the Managed Home Screen App to the Device group. Does not need to be selected in the Kiosk multi mode app list though
Some of these ingredients have you asking questions, like what is a Managed Google Play account? Or what is a Dynamically populated Azure AD group? Well in the next part, I will explain how to create them and hopefully you will understand a little more.
