deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 02:13:43 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update kiosk configuration and documentation

Browse Source
This commit is contained in:
Paolo Matarazzo
2024-02-01 15:08:27 -05:00
parent 17658aa2c4
commit 0169e5f83c
5 changed files with 116 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
windows/configuration/start/configure.md Normal file
View File

@ -0,0 +1,60 @@
---
title: Configure Start menu
description: Learn about the available options to configure the Windows Start menu and how to configure them via Configuration Service Providers (CSP) or group policy (GPO).
ms.topic: how-to
ms.date: 01/30/2024
---
# Configure Start menu
To configure the Windows Start menu in your organization, you can use one of the following options:
- Configuration Service Provider (CSP): this option is commonly used for devices managed by a Mobile Device Management (MDM) solution, like Microsoft Intune. The [Policy CSP][WIN-1] is used to configure Start, and to report the status of its configuration to the MDM solution
- Group policy (GPO): this option can be used for devices that are joined to an Active Directory domain and aren't managed by a device management solution. Group policy can also be used for devices that aren't joined to an Active Directory domain, using the local group policy editor
## Start policy settings
This section describes the policy settings to configure Start via configuration service provider (CSP) and group policy (GPO).
### Policy settings list
The list of settings is sorted alphabetically and organized in two categories:
- **Common settings**:
- **Other**:
Select one of the tabs to see the list of available settings:
#### [:::image type="icon" source=""::: **Common settings**](#tab/common)
The following table lists the Start policy settings, indicating if they're applicable via configuration service provider (CSP) and/or group policy (GPO). Select the setting name for more details.
|Policy name| CSP | GPO |
|-|-|-|
|[Allow standard user encryption](#allow-standard-user-encryption)|✅|❌|
|[Choose default folder for recovery password](#choose-default-folder-for-recovery-password)|❌|✅|
|[Choose drive encryption method and cipher strength](#choose-drive-encryption-method-and-cipher-strength)|✅|✅|
|[Configure recovery password rotation](#configure-recovery-password-rotation)|✅|❌|
|[Disable new DMA devices when this computer is locked](#disable-new-dma-devices-when-this-computer-is-locked)|❌|✅|
|[Prevent memory overwrite on restart](#prevent-memory-overwrite-on-restart)|❌|✅|
|[Provide the unique identifiers for your organization](#provide-the-unique-identifiers-for-your-organization)|✅|✅|
|[Require device encryption](#require-device-encryption)|✅|❌|
|[Validate smart card certificate usage rule compliance](#validate-smart-card-certificate-usage-rule-compliance)|❌|✅|
[!INCLUDE [allow-standard-user-encryption](includes/allow-standard-user-encryption.md)]
[!INCLUDE [choose-default-folder-for-recovery-password](includes/choose-default-folder-for-recovery-password.md)]
[!INCLUDE [choose-drive-encryption-method-and-cipher-strength](includes/choose-drive-encryption-method-and-cipher-strength.md)]
[!INCLUDE [configure-recovery-password-rotation](includes/configure-recovery-password-rotation.md)]
[!INCLUDE [disable-new-dma-devices-when-this-computer-is-locked](includes/disable-new-dma-devices-when-this-computer-is-locked.md)]
[!INCLUDE [prevent-memory-overwrite-on-restart](includes/prevent-memory-overwrite-on-restart.md)]
[!INCLUDE [provide-the-unique-identifiers-for-your-organization](includes/provide-the-unique-identifiers-for-your-organization.md)]
[!INCLUDE [require-device-encryption](includes/require-device-encryption.md)]
[!INCLUDE [validate-smart-card-certificate-usage-rule-compliance](includes/validate-smart-card-certificate-usage-rule-compliance.md)]
#### [:::image type="icon" source="images/os-drive.svg"::: **Other**](#tab/os)
---
<!--links-->
[WIN-1]: /windows/client-management/mdm/policy-csp

31
windows/configuration/start/start-layout-xml-desktop.md
View File

@ -14,20 +14,14 @@ appliesto:
On Windows 10 for desktop editions, the customized Start works by:
- Windows 10 checks the chosen base default layout, such as the desktop edition and whether Cortana is supported for the country/region.
- Windows 10 reads the LayoutModification.xml file and allows groups to be appended to Start. The groups have the following constraints:
- Two groups that are six columns wide, or equivalent to the width of three medium tiles.
- Two medium-sized tile rows in height. Windows 10 ignores any tiles that are pinned beyond the second row.
- No limit to the number of apps that can be pinned. There's a theoretical limit of 24 tiles per group (four small tiles per medium square x 3 columns x 2 rows).
- Two groups that are six columns wide, or equivalent to the width of three medium tiles.
- Two medium-sized tile rows in height. Windows 10 ignores any tiles that are pinned beyond the second row.
- No limit to the number of apps that can be pinned. There's a theoretical limit of 24 tiles per group (four small tiles per medium square x 3 columns x 2 rows).
>[!NOTE]
>To use the layout modification XML to configure Start with roaming user profiles, see [Deploying Roaming User Profiles](/windows-server/storage/folder-redirection/deploy-roaming-user-profiles#step-7-optionally-specify-a-start-layout-for-windows-10-pcs).
## LayoutModification XML
IT admins can provision the Start layout using a LayoutModification.xml file. This file supports several mechanisms to modify or replace the default Start layout and its tiles. The easiest method for creating a LayoutModification.xml file is by using the Export-StartLayout cmdlet; see [Customize and export Start layout](customize-and-export-start-layout.md) for instructions.
@ -39,7 +33,7 @@ The XML schema for `LayoutModification.xml` requires the following order for tag
1. LayoutOptions
1. DefaultLayoutOverride
1. RequiredStartGroupsCollection
1. AppendDownloadOfficeTile OR AppendOfficeSuite (only one Office option can be used at a time)
1. AppendDownloadOfficeTile - OR - AppendOfficeSuite (only one Office option can be used at a time)
1. AppendOfficeSuiteChoice
1. TopMFUApps
1. CustomTaskbarLayoutCollection
@ -52,11 +46,13 @@ Comments are not supported in the `LayoutModification.xml` file.
>[!NOTE]
>To make sure the Start layout XML parser processes your file correctly, follow these guidelines when working with your LayoutModification.xml file:
>
>- Do not leave spaces or white lines in between each element.
>- Do not add comments inside the StartLayout node or any of its children elements.
>- Do not add multiple rows of comments.
The following table lists the supported elements and attributes for the LayoutModification.xml file.
> [!NOTE]
> RequiredStartGroupsCollection and AppendGroup syntax only apply when the Import-StartLayout method is used for building and deploying Windows images.
@ -81,15 +77,11 @@ The following table lists the supported elements and attributes for the LayoutMo
New devices running Windows 10 for desktop editions will default to a Start menu with two columns of tiles unless boot to tablet mode is enabled. Devices with screens that are under 10" have boot to tablet mode enabled by default. For these devices, users see the full screen Start on the desktop. You can adjust the following features:
- Boot to tablet mode can be set on or off.
- Set full screen Start on desktop to on or off.
To do this, add the LayoutOptions element in your LayoutModification.xml file and set the FullScreenStart attribute to true or false.
- Specify the number of columns in the Start menu to 1 or 2.
To do this, add the LayoutOptions element in your LayoutModification.xml file and set the StartTileGroupsColumnCount attribute to 1 or 2.
- Boot to tablet mode can be set on or off
- Set full screen Start on desktop to on or off
To do this, add the LayoutOptions element in your LayoutModification.xml file and set the FullScreenStart attribute to true or false
- Specify the number of columns in the Start menu to 1 or 2
To do this, add the LayoutOptions element in your LayoutModification.xml file and set the StartTileGroupsColumnCount attribute to 1 or 2
The following example shows how to use the LayoutOptions element to specify full screen Start on the desktop and to use one column in the Start menu:
@ -221,7 +213,6 @@ You can use the **start:DesktopApplicationTile** tag to pin a Windows desktop ap
Column="2"/>
```
You can also use the **start:DesktopApplicationTile** tag as one of the methods for pinning a Web link to Start. The other method is to use a Microsoft Edge secondary tile.
To pin a legacy `.url` shortcut to Start, you must create a `.url` file (right-click on the desktop, select **New** > **Shortcut**, and then type a Web URL). You must add this `.url` file in a legacy Start Menu directory before first boot; for example, `%APPDATA%\Microsoft\Windows\Start Menu\Programs\` or the all users profile `%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\`.