How to Configure Multi-user profile settings in SureLock with Azure AD?

A multi-user profile in SureLock offers a facility of using a single device by multiple users which results in flexibility and cost reduction. 42Gears now offers a Multi-User Profile Settingswith Azure AD on the SureLock Kiosk Lockdown. This results in a single configured device that can be used by multiple users at different times. Each user will have unique login access to the device and will be able to access only assigned applications and device settings. Each profile will be governed by pre-defined admin settings policies for easier management.

The admin can follow the below steps to configure Multi-User Profile in SureLock with Azure AD.

1. Install and launch SureLock (minimum version requirement is v21.11.55)
2. Tap 5 times on the screen and enter the password to access the SureLock Admin settings.

Multi-User Profile Settings

1. Go to the SureLock Settings and navigate to Multi-User Profile Settings option
2. Enable the option Multi-User Profile and tap on Server Configuration
3. In the Server Configurations, select Azure AD as the server from the drop-down menu
   Note: The admin needs to have an active Azure account with users created.
4. Further, the admin needs to input the Client ID and Tenant ID (fetched from the Azure AD portal) in the designated fields on the device and the corresponding Profile Meta Tag should also be entered.
5. Once all the required data is entered click on the Validate button.
6. Further, it will prompt the user to enter the Azure login credentials and gives an Authentication Successful message upon entering the valid credentials.
   Note: If the credentials are wrong, it shows an Authentication failed message.
7. Now, click on Save.

 Profile Management

1. Click on Profile Management and create a Profile with the name corresponding to the Meta Tag Value.
2. Further, click on Add button to add the desired applications and settings to the profile.
   Note: If the corresponding profile is not created, the default profile should be launched.

3. Now, click on Done to go back to the SureLock Homescreen.
4. Tap on the LAUNCH button to login and enter the Azure AD credentials
5. A profile corresponding to the Meta Tag value will get launched
6. The user can log out by clicking the back button from the home screen.

Notes:

1. The user needs to enter the credentials every time he taps on the Launch button to Sign In.
2. Users can make use of the Microsoft Authenticator application, by enabling Login via Authenticator App and also make use of the Single Sign-on feature.
3. If the meta tag and values do not match the console, then the default profile will be launched upon logging in.