8.3. Configuring Global Kiosk Settings

The Configuration page lets you configure global settings for MetaDefender Kiosk.


Setting an exit password

Select the Exit Password checkbox to require users to enter a password when exiting MetaDefender Kiosk.
After selecting this checkbox, two fields appear: New password and Confirm password .

Configuring session log files

You can save session log files as a text or PDF file, and choose to save log files to a specific location on the system or to the processed media.
By default, MetaDefender Kiosk saves session log files to the Log folder in the MetaDefender Kiosk installation directory.


To save session log files:

  1. To save session log files to the local system, select the Save session log file to local system checkbox. Note: This checkbox is selected by default. To disable this feature, deselect this checkbox.

    1. To have the session log files save to the Log folder in the in the MetaDefender Kiosk installation directory, do nothing.

    2. To enter a specific location other than the Log folder, enter the path of the folder in the text box provided.

  2. To save session log files to the media being processed, select the Save session log file to processed media checkbox. This setting will not apply to read-only media, such as CDs or DVDs.

  3. Select the Save as Text File or Save as PDF radio button, depending on the output type of the session log files you prefer.

  4. Display the MetaDefender URL used in the session log allows for the MetaDefender URL, that was used for the session, to be displayed in the log file. This is useful when configuring a backup Core server and determining which server was used for a particular session.

Note: The save options are independent from each other. You can save session logs locally and/or save it to the processed media or disable session log files altogether.

Auto Export Logs

The session and/or file history can be configured to be automatically exported to a specified directory path in CSV format.
By default, the history will be exported to the Kiosk's log directory.
The frequency dictates how often the automatic export will run.

Enabling user authentication

To configure user authentication, click the View and configure user authentication link on the page.
Select the checkbox to enable user authentication.

If you enable user authentication, you can choose between using the default MetaDefender Kiosk authentication or using a custom authentication module that has been installed on that MetaDefender Kiosk.
For more information, see 11.1. Custom Authentication Module.
If you are using the default MetaDefender Kiosk authentication you can choose between authenticating against the local Active Directory (Windows user login), remote Active Directory servers, or not enabling authenticated login.


Windows user login

If Windows user login is enabled, you can choose whether to restrict the users by domain.
If selected, only users on the same domain as the system are allowed to use MetaDefender Kiosk.
If this is not selected, users will be able to enter authentication information for users on any domain as well as local system users.


Remote Active Directory

If Remote Active Directory authentication is enabled, the address of the remote Active Directory server, as well as user credentials to authenticate against the server are required.
These credentials will be used to retrieve the list of users from the remote AD server for the purposes of assigning users to specific workflows.


Multiple Active Directories can be configured.
Click "New Server" to add a server to the list and "Delete server" on the right hand side to delete the specific entry.
The "Status" indicator will show in real time whether Kiosk is able to connect to the AD server.
For "Server address", input can either be the IP or DNS name of the AD server; "<ip or dns name>:<port>".
The default port 389 (636 if SSL is enabled) will be used if one is not supplied.

Once SSL enabled, the server address should be in FQDN (Full Qualified Domain Name) format, for example:


Setting advanced configuration options

You can set advanced configuration options by expanding the Advanced Configuration section of the Configuration page.


Note: For the email settings, it's advised to use SMTP mail server, not relay.

Testing email configuration

The admin can verify if the email configuration is correct by providing an existing email address and proceeding SEND



Acronis disk backups

Contents within a disk backup created by Acronis can be processed when Acronis backup software is installed on the system.
When enabling Kiosk to process the contents in a backup, the path to the Acronis command line executable must be provided (e.g. "C:\Program Files\Acronis\CommandLineTool\acrocmd.exe").
This will allow the disk backup to be mounted to the system for Kiosk to access.
The disk backup will be unmounted once the Kiosk session is finished.

Multiple Partitions

Multiple Partitions



Only 1 Windows Partition

Only Windows Partitions

Mixed Windows and Non Windows Partitions

Only Mac / Linux Partitions

Block all media with multiple partitions





Process files on all accessible partitions





The SCAN ALL action will mount every partition it can successfully mount.
All partitions will be scanned by "Process All."
The file browser will have the ability to select files on any partition.

Managing the display language

You can also change the default language displayed in MetaDefender Kiosk from the Choose Language drop-down menu.
Options include English, Arabic, Hebrew, Korean, Vietnamese, German, Japanese, Spanish and French .
If you wish to add a language to the MetaDefender Kiosk UI or edit the translations of any of the existing languages, click View and edit languages .

Session Report Email configuration

SMTP settings for emailing session logs at the end of a session are in the "Email" section.
Here you can enter the host, port, username and password and whether or not to enable SSL.
The sender, recipient, and the message of the email is configured per 4.10. Email Session Report.

Pop Up Detection

Enabling pop up detection will allow Kiosk to detect any windows/pop ups open on the underlying desktop and notify the user.
Any pop up that triggers the detection will be logged to the Application Log on the WebMC, along with the process that owns it.
Time Open Threshold indicates how long a pop should be open until Kiosk notifies that a pop up needs attention.
Process Whitelist allows to specify any process whose pop ups will be ignored from triggering the detection.
Notification Action indicates what action Kiosk will take to notify the user:

  • Display warning - a warning will be displayed indicating that there is a pop up that requires attention

  • Display warning and disable Kiosk - warning displayed with the addition of canceling any running session and disallowing any new session to be started until the Administrator attends to the pop up. This requires closing the UI, handling the pop up and starting Kiosk again.

images/download/attachments/4881318/pop_up_warning.png images/download/attachments/4881318/kiosk_disabled.png