Amazon AWS WorkSpaces Kiosk Mode
So recently I have been working on a solution for creating a way for some of our users during a POC to access AWS WorkSpaces with some HP T520 thin clients of which can run Windows 10 IOT, of which is a post in itself but I know this may well be more useful to people even doing this with traditional PCs and Windows 10. I am not going to cover launching this application in start up etc or via GPO as again I may do this in the other post but I found quite quickly that I couldn’t get the client to persist in full screen. So first I headed to Google and the AWS documentation and there was nothing at the time of writing this
I found this quite shocking so the engineer in me came out and so did my managers, quite quickly we found /fullscreen didn’t work and I thought hang on they love their APIs I wonder if -fullscreen works… Guess what its does! This is a great way to force it each time even if the user switches out especially on the thin clients with the write filters. There also appears to be another large list of switches of which I don’t have them all working but it does appear SSO might be on its way and forcing/passing through user credentials could be useful in some cases. If anyone gets these working do let me know!
I have done a video of this too and hope to keep working on an exportable GPO or PowerShell cmdlet that can turn old clients into Kiosks
6 Comments
Shabaz Darr
Hi,
did you ever post regarding setting up kiosk mode for AWS Workspaces? I have a requirement to setup kiosk mode on Windows 10 client devices who want to by pass the Windows login so it launches the Workspace client and asks them to login directly to that. Would appreciate any advice?
Shabaz Darr
Not sure my last comment was published….Did you have any joy getting AWS Workspaces to work in Kiosk mode? We have Windows 10 client devices and need them to run in Kiosk mode where Workspaces is the only app they can use?
Gareth
Hi Shabaz,
We have put this project on hold at the moment but I did demo this internally with Windows IOT on a thin client but if you are using Windows Windows 10 Enterprise, Education, and Pro have a look at the guide below
https://docs.microsoft.com/en-us/windows-hardware/customize/enterprise/create-a-kiosk-image#shell-launcher
The HP client had a nice tool but there is nothing stopping you using lock down mode and then getting the user to log in there. The good thing with lockdown is it means if machine reboots it goes back to the state the admin rolled it out in
Another way you can do it is via GPO like this
https://docs.microsoft.com/en-us/windows/configuration/kiosk-single-app
Shabaz Darr
Thanks for the reply Gareth and information. I already read the links you suggested and although they were some help I am still missing something.
Basically I’ve got auto login working with it launching the AWS Workspace App automatically, however I am struggling to lock down the rest of the OS. I am looking for a thin client sort of experience
Gareth
Hi Shabaz,
Maybe an easier option is using assigned access as a quick win. This will only ever let that app run
https://www.howtogeek.com/173562/how-to-easily-put-a-windows-pc-into-kiosk-mode-with-assigned-access/
This bit of software looks similar to what we have done with the HP bundled app https://www.mirabyte.com/en/products/frontface-lockdown-tool/ maybe worth testing that out on a virtual machine
Shabaz Darr
Just a further update on this I have managed to get the Windows 10 OS fully locked down now with it auto logging in and launching the Workspaces Application! Just basically went through Group Policy and used that to lock everything down.
Thanks again for your advice and feedback, was very much appreciated and helpful