User profile for user: PaulBoerdonk
PaulBoerdonk Author
User level: Level 1
9 points

iPads in Kiosk mode stuck on lock screen after each iOS updates

Hi all,


We’re running into an issue with our Apple iPad Minis, which are managed by Intune. The devices are configured with a Kiosk profile that runs a navigation application, and we’ve set them to require no PIN.

There is only one active device restrictions policy applied to these devices, which enforces the Kiosk mode — no additional policies are in place.


So far, so good, but there’s one major problem:

  • After every iOS update, the devices get stuck on the iOS lock screen.
  • The lock screen does not respond to any input (touch doesn’t work).
  • The only way to regain access is to reboot the device — either via a hard reboot or remotely through Intune.


This behavior occurs consistently after each iPadOS update.


Has anyone experienced this issue before? And is there a way to prevent or fix it so the devices don’t require manual intervention after every update?


Thanks in advance!

iPad mini

Posted on Sep 3, 2025 12:50 AM

Reply
Question marked as Top-ranking reply
User profile for user: PaulBoerdonk
PaulBoerdonk Author
User level: Level 1
9 points

Posted on Sep 19, 2025 2:46 AM

Hi all,


Quick update on this topic.


I couldn't find a direct fix within Intune or Apple's settings, so I've developed a reliable workaround to automatically resolve the issue. I wanted to share the concept for anyone else experiencing the same problem.


The solution is an automated PowerShell script that runs as a Runbook in Azure Automation. This script periodically checks my Kiosk iPads and reboots them automatically if it detects they have been updated, which resolves the frozen lock screen issue.


Here’s a high-level overview of how it works:


  • Scheduled Trigger: The runbook is scheduled to run automatically every hour


  • State Persistence: The script uses an Azure Automation Variable to store a list of all my target iPads and their last known iPadOS version. Think of this as its "memory."


  • Authentication: On each run, the script authenticates to the Microsoft Graph API using a registered Enterprise Application (App Registration) in Entra ID with a certificate for secure, non-interactive sign-in.


  • Device Check: It fetches all devices from a specific Entra ID group I created for these iPads.


  • Version Comparison: For each iPad in the group, it compares the current iPadOS version (retrieved via the Graph API) with the version stored in its "memory" from the last run.


  • Remote Reboot Action:
    • If the current version is different from the stored version, it means the device has been updated. The script then sends a remote reboot command (Restart-MgDeviceManagementManagedDeviceNow) to that specific device via the Graph API.
    • If the versions are the same, no action is taken.


  • Update State: After checking all devices, the script saves the current list of devices and their OS versions back to the Azure Automation Variable, updating its "memory" for the next run.


As an optional extra, I've configured it to send a notification to a Microsoft Teams channel with a list of all the devices that were automatically rebooted.


This approach has been working perfectly for me and has eliminated the need for manual intervention after every iPadOS update.


Hope this helps anyone else struggling with this frustrating issue!


Best regards,

Paul

View in context
16 replies

iPads in Kiosk mode stuck on lock screen after each iOS updates

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up