Configuring Global Kiosk Settings
The Configuration page lets you configure global settings for MetaDefender Kiosk.
Protect closing the Kiosk
It is highly recommended to set exit credentials to protect the Kiosk scanning User Interface from being closed by users.
Two options exist to protect exiting the Kiosk UI:
Exit password
Select this options to require users to enter a password when exiting the Kiosk. After selecting this checkbox, two fields appear: New password and Confirm password.
Kiosk Administrator's credentials
Select this option to allow AD users, that are assigned as administrative users of the Management Console, to close the Kiosk UI. Upon attempting to close the UI, a prompt will be displayed to enter AD credentials.
Configuring session log files
You can save session log files as a text or PDF file, and choose to save log files to a specific location on the system or to the processed media. By default, MetaDefender Kiosk saves session log files to the Log folder in the MetaDefender Kiosk installation directory.
To save session log files:
Select the Save as Text File or Save as PDF radio button, depending on the output type of the session log files you prefer.
Select the destination to save the session logs
- By default, Kiosk will automatically save the session logs to the local Kiosk's log folder. The admin can change to a different location by providing Directory Path
- In addition, the admin can also configure to save session logs to Source Media and Destination Media
Display the MetaDefender URL used in the session log allows for the MetaDefender URL, that was used for the session, to be displayed in the log file. This is useful when configuring a backup Core server and determining which server was used for a particular session.
Note: The save options are independent from each other. You can save session logs locally and/or save it to the processed media or disable session log files altogether.
Auto Export Logs
The session and/or file history can be configured to be automatically exported to a specified directory path in CSV format. By default, the history will be exported to the Kiosk's log directory. The frequency dictates how often the automatic export will run.
Setting advanced configuration options
You can set advanced configuration options by expanding the Advanced Configuration section of the Configuration page.
Allow preloading of passwords for encrypted files
This allows users to provide passwords of encrypted archives before scanning. The Kiosk application detects encrypted files and asks users to provide passwords in advance so that the scanning can proceed without waiting for user input.
Email Settings
The admin can configure SMTP server to support for email sending at session termination. It's advised to use SMTP mail server, not relay. The username and password are authenticated to login to mail server. Any sender configured to appear as a From field in the email header must be an email address that the username has permission to send as. See Email Session Report or Visitor Management for email header settings
To configure oAuth email authentication with Microsoft 365 (Graph API), please refer to this guide.
The admin can verify if the email configuration is correct by providing existing email addresses as [From Address] and [To Address] and proceeding SEND. [From Address] must be an email that the username has permission to send as.
Email Template
The email template allows Kiosk admin to prepare common email content in HTML format. It will apply for email part in the workflow creation. This template aims to email signature with a company logo. The logo attached in the template should be a low resolution not exceeding 100KB and only one.
The email template does not apply for testing email.
Disk Image Files
The administrator can configure Kiosk to scan 3 types of disk images:
- Virtual Hard Disks refer .VHD or .VHDX files
- Virtual Machines refer .VMDK files
- Arcronis Disk backups refers to .TIB or .TIBX files. The path of the Acronis executable is necessary. For example: C:\Program Files\Acronis\CommandLineTool\acrocmd.exe
Contents within a disk backup created by Acronis can be processed when Acronis backup software is installed on the system.
When enabling Kiosk to process the contents in a backup, the path to the Acronis command line executable must be provided (e.g. C:\Program Files\Acronis\CommandLineTool\acrocmd.exe).
This will allow the disk backup to be mounted to the system for Kiosk to access.
The disk backup will be unmounted once the Kiosk session is finished.
See Configuration Field Descriptions and Default Settings for more details about the options.
Multiple Partitions
| Option | Single Windows Partition | Only Windows Partitions | Mixed Windows and Non Windows Partitions | Only Mac / Linux Partitions |
|---|---|---|---|---|
| Block all media with multiple partitions | SCAN ONE | BLOCKED | BLOCKED | BLOCKED |
| Process files on all accessible partitions | SCAN ALL | SCAN ALL | SCAN ALL | SCAN ALL |
The SCAN ALL action will mount every partition it can successfully mount. All partitions will be scanned by "Process All." The file browser will have the ability to select files on any partition.
Managing the display language
You can also change the default language displayed in MetaDefender Kiosk from the Choose Language drop-down menu. Options include English, Arabic, Hebrew, Korean, Vietnamese, German, Japanese, Spanish and French . If you wish to add a language to the MetaDefender Kiosk UI or edit the translations of any of the existing languages, click View and edit languages .
Pop Up Detection
Enabling pop up detection will allow Kiosk to detect any windows/pop ups open on the underlying desktop and notify the user. Any pop up that triggers the detection will be logged to the Application Log on the WebMC, along with the process that owns it. Time Open Threshold indicates how long a pop should be open until Kiosk notifies that a pop up needs attention. Process Allowlist specifies any process whose pop ups will be ignored from triggering the detection. Notification Action indicates what action Kiosk will take to notify the user:
- Display warning - a warning will be displayed indicating that there is a pop up that requires attention
- Display warning and disable Kiosk - warning displayed with the addition of canceling any running session and disallowing any new session to be started until the Administrator attends to the pop up. This requires closing the UI, handling the pop up and starting Kiosk again.
Screensaver
Kiosk screensaver helps protect the LCD lifetime or to play company introduction video or ads. Kiosk disables Windows system screensaver and support an alternative in the settings. By default, a built-in screensaver is selected. The admin can select desired video or image from an URL or local sources.
To change the screensaver settings, navigate to Configuration, select Kiosk UI, expand Customize Theme. Select the source of the screensaver video or image
- Browse file: Click on the clip icon to select and upload a local media file to use as screensaver
- Use URL: Provide the URL links to the media files. Kiosk must have permissions to access and play the media file.
- Disable screensaver while processing files: When enabled, Kiosk will not play screensaver at the file scanning and scan result screens.
Supported media types:
- Video: MP4, 3GP, MKV, MOV, OGV, MPEG-4, WebM
- Image: JPG, PNG, ICO, GIF, SVG, WEBP
This list is fully supported when uploading with Google Chrome browser, other browsers can make some of the media types cannot be previewed.
If the video or URL is invalid, the default will be played instead.
In OCM mode, [Browse file] is disabled.
Starting from version 4.6.1, the customized screensaver can be retained during the upgrading process.
If Self Scan is triggered while the screen saver is active, the screen saver remains running.