The SharedPC configuration service provider is used to configure settings for Shared PC usage.
What is Shared PC mode:
A Windows 10 PC in shared PC mode is designed to be management- and maintenance-free with high reliability. In shared PC mode, only one user can be signed in at a time. When the PC is locked, the currently signed in user can always be signed out at the lock screen. Users who sign-in are signed in as standard users, not admin users.
Create a Custom Configuration (Windows 10 Desktop and Mobile and later) Policy
Settings name:
./Vendor/MSFT/SharedPC/EnableSharedPCMode
Settings description:
EnableSharedPCMode
Data type:
Boolean
OMA-URL:
./Vendor/MSFT/SharedPC/EnableSharedPCMode
Value:
True
./Vendor/MSFT/SharedPC/SetEduPolicies
Settings description:
SetEduPolicies
Data type:
Boolean
OMA-URL:
./Vendor/MSFT/SharedPC/SetEduPolicies
Value:
True
Settings name:
./Vendor/MSFT/SharedPC/SetPowerPolicies
Settings description:
SetPowerPolicies
Data type:
Boolean
OMA-URL:
./Vendor/MSFT/SharedPC/SetPowerPolicies
Value:
True
Settings name:
./Vendor/MSFT/SharedPC/MaintenanceStartTime
Settings description:
MaintenanceStartTime
Data type:
Interger
OMA-URL:
./Vendor/MSFT/SharedPC/MaintenanceStartTime
Value:
12
Settings name:
./Vendor/MSFT/SharedPC/SignInOnResume
Settings description:
SignInOnResume
Data type:
Bootlean
OMA-URL:
./Vendor/MSFT/SharedPC/SignInOnResume
Value:
True
Settings name:
./Vendor/MSFT/SharedPC/SleepTimeout
Settings description:
SleepTimeout
Data type:
Integer
OMA-URL:
./Vendor/MSFT/SharedPC/SleepTimeout
Value:
7200
Settings name:
./Vendor/MSFT/SharedPC/EnableAccountManager
Settings description:
EnableAccountManager
Data type:
Bootlean
OMA-URL:
./Vendor/MSFT/SharedPC/EnableAccountManager
Value:
True
Settings name:
./Vendor/MSFT/SharedPC/AccountModel
Settings description:
AccountModel
Data type:
Integer
OMA-URL:
./Vendor/MSFT/SharedPC/AccountModel
Value:
1
Settings name:
./Vendor/MSFT/SharedPC/DeletionPolicy
Settings description:
AccountModel
Data type:
Integer
OMA-URL:
./Vendor/MSFT/SharedPC/DeletionPolicy
Value:
1
Settings name:
./Vendor/MSFT/SharedPC/DiskLevelDeletion
Settings description:
DiskLevelDeletion
Data type:
Integer
OMA-URL:
./Vendor/MSFT/SharedPC/DiskLevelDeletion
Value:
20
Settings name:
./Vendor/MSFT/Policy/Config/Update/AllowAutoUpdate
Settings description:
AllowAutoUpdate
Data type:
Integer
OMA-URL:
./Vendor/MSFT/Policy/Config/Update/AllowAutoUpdate
Value:
4
Settings name:
./Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessContacts
Settings description:
LetAppsAccessContacts
Data type:
Integer
OMA-URL:
./Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessContacts
Value:
4
To get Office 365 to work on a shared PC – we need to enable the “Shared Computer Licensing” This can be done by:
Office 365 installation settings:
How it looks like in configuration.xml
<Configuration><Add OfficeClientEdition=”32” Channel=”Current” ><Product ID=”O365ProPlusRetail” ><Language ID=”en-us” /></Product></Add><Updates Enabled=”TRUE” Channel=”Current” /><Display Level=”Full” AcceptEULA=”True” /><Property Name=”AUTOACTIVATE” Value=”1” /><Property Name=”FORCEAPPSHUTDOWN” Value=”TRUE” /><Property Name=”SharedComputerLicensing” Value=”1” /><Logging Level=”Off” /></Configuration>
Cloud First 
Hi. Is it possible to combine these CSP-settings with the Kiosk mode in Intune?
I haven’t got it to work
I don ‘t think so – is there a reason for that?
I’d like to combine guest accounts with the multi-app kiosk mode. How’d you recommend that I do?
Thanks for your post, any idea why I have an error on “./Vendor/MSFT/Policy/Config/Update/AllowAutoUpdate”.
I cannot find anything for this setting @ https://docs.microsoft.com/en-us/windows/client-management/mdm/sharedpc-csp.
I asume its for Windows updates.
It is a old blogpost, I can see alot has changed – I think I have to update it again. Normally I just use the buildin feature of Intune for Education.
Hi, I have been testing Shared PC Mode but run into a problem. When a user who hasnt got EMS licence assigned to them logs into the Shared PC, the PC loses its Shared PC configuration and when that user logs out the PC goes back to normal Azure AD Joined PC with Windows Hello at login….
When an EMS licenced users logs in the Shared PC Mode settings come back again.
Is this by design ? Does this mean you cant deploy Shared PC mode unless 100% of users have EMS licence ?
I have not tested it – will test and get back to you
I had raised this with Microsoft Support as well and they have replied today to say that all users need to have at least Intune licence so it appears this is by design….
It is odd though because it means if just one user isn’t licenced and logs in the Shared mode is switched off for the next user ( who may be licenced user and who wouldn’t be used to seeing the Windows Hello login process ).
Question: Which of these settings would allow the login screen to remember the last user who logged in?
Once SharedPC mode is enabled the users must type in their AAD entire emails address at every login. I understand why it is designed this way as SharedPC mode, but I would like to disable this function. I do not need the ability to switch users, just for the login screen to save email of the last login and only type password for auth.
Could this possibly be the result of EnableAccountManager or AccountModel CSP? I’m having a hard time finding what these actually do.
Thanks!