Remove image and update navigation in assigned-access documentation

windows/configuration/assigned-access/configure.md

@@ -46,8 +46,6 @@ Here are the steps to configure a kiosk using the Settings app:
     - Which URL should be open when the kiosk accounts signs in
     - When Microsoft Edge should restart after a period of inactivity (if you select to run as a public browser)
 
-    :::image type="content" source="images/settings-choose-app.png" alt-text="Screenshot of the dialog box asking to select an app." border="false":::
-
 1. Select **Close**
 
 - UWP

windows/configuration/assigned-access/index.md

@@ -75,40 +75,3 @@ There are several kiosk configuration methods that you can choose from, dependin
 
 >[!NOTE]
 >For devices running Windows client Enterprise and Education, you can also use [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control) or [AppLocker](lock-down-windows-10-applocker.md) to lock down a device to specific apps.
-
-
-<!--
-
-> [!NOTE]
-> The use of multiple monitors is supported for multi-app kiosk mode in Windows 11.
-
-
-
-A kiosk device typically runs a single application, and users are prevented from accessing any features or functions on the device outside of the app.
-
-The Assigned Access feature is intended for dedicated devices, like kiosks. When the multi-app Assigned Access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, impacting other users on the device. Deleting the kiosk configuration removes the Assigned Access lockdown profiles associated with the users, but it can't revert all the enforced policies (for example, the Start layout). To clear all the policy settings enforced by Assigned Access, you must reset Windows.
-
-<!--troubleshooting
-Event Viewer
-Run "eventvwr.msc"
-Navigate to "Applications and Services Logs"
-There are 2 areas of your interests:
-"Microsoft-Windows-AssignedAccess"
-"Microsoft-Windows-AssignedAccessBroker"
-Before any repro, it's recommended to enable "Operational" channel to get the most of logs.
-TraceLogging
-<TBD>
-
-Registry Key
-These locations contain the latest Assigned Access Configuration:
-
-HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration
-HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessCsp
-These locations contain the latest "evaluated" configuration for each sign-in user:
-
-"HKCU\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration" (If it doesn't exist, it means no Assigned Access to be enforced for this user.)
-
-> [!NOTE]
-> If the application calls `KeyCredentialManager.IsSupportedAsync` when it is running in assigned access mode and it returns false on the first run, invoke the settings screen and select an appropriate PIN to use with Windows Hello. This is the settings screen that is hidden by the application running in assigned access mode. You can only use Windows Hello if you first leave assigned access mode, select your convenience pin, and then go back into assigned access mode again.
-
--->

windows/configuration/assigned-access/overview.md

@@ -87,3 +87,33 @@ Assigned Access uses the *Lock framework*. When an Assigned Access user signs in
 ## Test your Assigned Access experience
 
 It's recommended to thoroughly test the Assigned Access kiosk configuration, ensuring that your devices provide a good user experience.
+
+> [!NOTE]
+> The use of multiple monitors is supported for multi-app kiosk mode in Windows 11.
+
+The Assigned Access feature is intended for dedicated devices, like kiosks. When the multi-app Assigned Access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, impacting other users on the device. Deleting the kiosk configuration removes the Assigned Access lockdown profiles associated with the users, but it can't revert all the enforced policies (for example, the Start layout). To clear all the policy settings enforced by Assigned Access, you must reset Windows.
+
+## Troubleshooting
+
+Event Viewer
+Run "eventvwr.msc"
+Navigate to "Applications and Services Logs"
+There are 2 areas of your interests:
+"Microsoft-Windows-AssignedAccess"
+"Microsoft-Windows-AssignedAccessBroker"
+Before any repro, it's recommended to enable "Operational" channel to get the most of logs.
+TraceLogging
+
+Registry Key
+These locations contain the latest Assigned Access Configuration:
+
+HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration
+HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessCsp
+These locations contain the latest "evaluated" configuration for each sign-in user:
+
+"HKCU\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration" (If it doesn't exist, it means no Assigned Access to be enforced for this user.)
+
+> [!NOTE]
+> If the application calls `KeyCredentialManager.IsSupportedAsync` when it is running in assigned access mode and it returns false on the first run, invoke the settings screen and select an appropriate PIN to use with Windows Hello. This is the settings screen that is hidden by the application running in assigned access mode. You can only use Windows Hello if you first leave assigned access mode, select your convenience pin, and then go back into assigned access mode again.
+
+-->

windows/configuration/assigned-access/quickstart-kiosk.md

@@ -46,8 +46,6 @@ Here are the steps to configure a kiosk using the Settings app:
     - Which URL should be open when the kiosk accounts signs in
     - When Microsoft Edge should restart after a period of inactivity (if you select to run as a public browser)
 
-    :::image type="content" source="images/settings-choose-app.png" alt-text="Screenshot of the dialog box asking to select an app." border="false":::
-
 1. Select **Close**
 
 #### [:::image type="icon" source="../images/icons/intune.svg"::: **Intune/CSP**](#tab/intune)

windows/configuration/assigned-access/recommendations.md

@@ -218,7 +218,6 @@ How to edit the registry to have an account sign in automatically:
 > [!WARNING]
 > Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account.  However, use of domain user or service accounts introduces risks that an attacker subverting the Assigned Access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so.
 
-
 ## Interactions and interoperability
 
 The following table describes some features that have interoperability issues we recommend that you consider when running assigned access.

windows/configuration/assigned-access/toc.yml

@@ -17,7 +17,7 @@ items:
         href: configure.md
       - name: Create an Assigned Access configuration file
         href: configuration-file.md
-      - name: Prepare a device for kiosk configuration
+      - name: Recommendations
         href: recommendations.md
   - name: Reference
     items: