renamed feature

Paolo Matarazzo 2022-09-08 16:23:43 -04:00
parent fd0ef42e8b
commit 3d9aa27820
5 changed files with 22 additions and 19 deletions

View File

@ -36,8 +36,8 @@ items:
href: edu-themes.md href: edu-themes.md
- name: Configure Stickers - name: Configure Stickers
href: edu-stickers.md href: edu-stickers.md
- name: Configure federated authentication - name: Configure federated sign-in
href: edu-federated-authentication.md href: edu-federated-sign-in.md
- name: Configure Take a Test on a single PC - name: Configure Take a Test on a single PC
href: take-a-test-single-pc.md href: take-a-test-single-pc.md
- name: Configure a Test on multiple PCs - name: Configure a Test on multiple PCs
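Review bot: The new `href: edu-federated-sign-in.md` on the federated sign-in entry needs the old `edu-federated-authentication.md` URL to keep resolving, and nothing in the visible changes adds a redirect for it. Add a redirect entry for the old path in the same commit so existing bookmarks and inbound links keep working.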

View File

@ -1,6 +1,6 @@
--- ---
title: Federated authentication for Windows 11 SE title: Configure federated sign-in for Windows devices
description: Description of federated authentication feature for Windows 11 SE and how to configure it via Intune description: Description of federated sign-in feature for Windows 11 SE and how to configure it via Intune
ms.date: 09/15/2022 ms.date: 09/15/2022
ms.prod: windows ms.prod: windows
ms.technology: windows ms.technology: windows
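Review bot: The new `title:` says "for Windows devices", but the `description:` on the next line and the H1 further down still say "Windows 11 SE", and the page's IMPORTANT note states the feature is exclusive to Windows 11 SE, version 22H2. Keep the title scoped to Windows 11 SE so the metadata doesn't suggest broader availability than the body supports.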
@ -16,33 +16,33 @@ appliesto:
--- ---
<!-- MAXADO-6286399 --> <!-- MAXADO-6286399 -->
# Configure federated authentication for Windows 11 SE # Configure federated sign-in for Windows 11 SE
Starting in **Windows 11 SE, version 22H2**, you can configure federated authentication, enabling your users to sign in using a third-party identity provider (IdP). Starting in **Windows 11 SE, version 22H2**, you can enable your users to sign-in using a third-party identity provider (IdP). This feature is called **federated sign-in**. Federated sign-in is a great way to simplify the sign-in process for your users. Instead of having to remember a username and password, they can sign-in using their existing credentials from their IdP. For example, students and educators can use picture passwords or QR code badges to sign-in.
The sign-in experience on Windows SE devices can be simplified based on the options offered by the IdP. For example, rather than logging in with a traditional username and password, students and educators can use picture passwords or QR code badges.
## Benefits of federated authentication ## Benefits of federated sign-in
With federated authentication, students can sign-in in less time, and with less friction. With federated sign-in, students can sign-in in less time, and with less friction.
Fewer credentials to remember and a simplified sign-in process, enable students to be more engaged and focused on learning. Fewer credentials to remember and a simplified sign-in process, enable students to be more engaged and focused on learning.
## Prerequisites ## Prerequisites
To implement federated authentication, the following prerequisites must be met: To implement federated sign-in, the following prerequisites must be met:
1. An Azure AD tenant, with one or multiple domains federated to a third-party IdP. For more information, see [Use a SAML 2.0 Identity Provider (IdP) for Single Sign On][AZ-1] 1. An Azure AD tenant, with one or multiple domains federated to a third-party IdP. For more information, see [Use a SAML 2.0 Identity Provider (IdP) for Single Sign On][AZ-1]
1. Individual IdP accounts created: each user will require an account defined in the third-party IdP platform 1. Individual IdP accounts created: each user will require an account defined in the third-party IdP platform
1. Individual Azure AD accounts created: each user will require a matching account defined in Azure AD. These accounts are commonly created through automation, with a provisioning process offered by the IdP 1. Individual Azure AD accounts created: each user will require a matching account defined in Azure AD. These accounts are commonly created through automation, with a provisioning process offered by the IdP
1. Licenses assigned to the Azure AD user accounts. It's recommended to assign licenses to a dynamic group: when new users are provisioned in Azure AD, the licenses are automatically assigned. For more information, see [Assign licenses to users by group membership in Azure Active Directory][AZ-2] 1. Licenses assigned to the Azure AD user accounts. It's recommended to assign licenses to a dynamic group: when new users are provisioned in Azure AD, the licenses are automatically assigned. For more information, see [Assign licenses to users by group membership in Azure Active Directory][AZ-2]
1. Enable federated authentication on the Windows devices that the users will be using 1. Enable federated sign-in on the Windows devices that the users will be using
> [!IMPORTANT] > [!IMPORTANT]
> This feature is exclusively available for Windows 11 SE, version 22H2. > This feature is exclusively available for Windows 11 SE, version 22H2.
1. The Windows devices must have *shared PC mode* disabled
## Enable federated authentication on Windows devices ## Enable federated sign-in on Windows devices
Can be done in Intune or with a provisioning package. Can be done in Intune or with a provisioning package.
To configure federated authentication using Microsoft Intune, use a [custom profile][MEM-1]: To configure federated sign-in using Microsoft Intune, use a [custom profile][MEM-1]:
1. Sign in to the <a href="https://endpoint.microsoft.com/" target="_blank">Microsoft Endpoint Manager admin center</a> 1. Sign in to the <a href="https://endpoint.microsoft.com/" target="_blank">Microsoft Endpoint Manager admin center</a>
1. Select **Devices** > **Configuration profiles** > **Create profile** 1. Select **Devices** > **Configuration profiles** > **Create profile**
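Review bot: The added prerequisite `1. The Windows devices must have *shared PC mode* disabled` sits after the `[!IMPORTANT]` callout, so the callout now splits the numbered list and it is unclear which item the note belongs to. Move the new item above the callout, or indent the callout under the "Enable federated sign-in" item. In the rewritten intro, "sign-in" is also used as a verb ("to sign-in", "they can sign-in"); the verb is "sign in", with the hyphen kept for the noun and adjective. The unchanged fragment "Can be done in Intune or with a provisioning package." under the renamed heading has no subject and would read better as "You can enable federated sign-in with Intune or with a provisioning package."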
@ -57,15 +57,16 @@ To configure federated authentication using Microsoft Intune, use a [custom prof
1. Select **Next** 1. Select **Next**
1. In **Configuration settings**, select **Add** and enter the following properties, repeating the process for each row and selecting **Save**: 1. In **Configuration settings**, select **Add** and enter the following properties, repeating the process for each row and selecting **Save**:
[!div class="mx-tdCol2BreakAll"] [!div class="mx-tdBreakAll"]
| Name | OMA-URI | Data type | Value | | Name | OMA-URI | Data type | Value |
|--|--|--|--| |--|--|--|--|
| `EnableWebSignInForPrimaryUser` | `./Vendor/MSFT/Policy/Config/FederatedAuthentication/EnableWebSignInForPrimaryUser` | Integer | 1 | | `EnableWebSignInForPrimaryUser` | `./Vendor/MSFT/Policy/Config/FederatedAuthentication/EnableWebSignInForPrimaryUser` | Integer | 1 |
| `ConfigureWebSignInAllowedUrls` | `./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebSignInAllowedUrls` | String | Semicolon separated list of domains, for example: `samlidp.clever.com;clever.com;mobile-redirector.clever.com` | | `ConfigureWebSignInAllowedUrls` | `./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebSignInAllowedUrls` | String | Semicolon separated list of domains, for example: `samlidp.clever.com;clever.com;mobile-redirector.clever.com` |
| `IsEducationEnvironment` | `./Vendor/MSFT/Policy/Config/Education/IsEducationEnvironment` | Integer | 1 | | `IsEducationEnvironment` | `./Vendor/MSFT/Policy/Config/Education/IsEducationEnvironment` | Integer | 1 |
| `ConfigureWebCamAccessDomainNames` | `./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebCamAccessDomainNames` | String | This setting is optional, and it should be configured if you need to use the webcam during the sign-in process. Specify the list of domains that are allowed to use the webcam during the sign-in process, separated by a semicolon. For example: `clever.com` | | `ConfigureWebCamAccessDomainNames` | `./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebCamAccessDomainNames` | String | This setting is optional, and it should be configured if you need to use the webcam during the sign-in process. Specify the list of domains that are allowed to use the webcam during the sign-in process, separated by a semicolon. For example: `clever.com` |
| `EnableSharedPCMode` | `./Vendor/MSFT/SharedPC/EnableSharedPCMode` | Boolean | False |
:::image type="content" source="images/edu-federated-authentication-settings.png" alt-text="Custom policy showing the settings to be configured to enable federated authentication" lightbox="images/edu-federated-authentication-settings.png" border="true"::: :::image type="content" source="images/edu-federated-authentication-settings.png" alt-text="Custom policy showing the settings to be configured to enable federated sign-in" lightbox="images/edu-federated-authentication-settings.png" border="true":::
1. Select **Review + Save** 1. Select **Review + Save**
1. Select **Next** 1. Select **Next**
1. In **Scope tags**, assign any applicable tags (optional) 1. In **Scope tags**, assign any applicable tags (optional)
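Review bot: The new `EnableSharedPCMode` row (Boolean, False) turns the "shared PC mode disabled" prerequisite into a setting that this profile enforces on every assigned device, which the surrounding text doesn't say. State next to the table that the profile switches shared PC mode off, so admins know not to assign a shared PC profile to the same devices. Also, the image `source` and `lightbox` still point to `images/edu-federated-authentication-settings.png` while only the alt text was renamed; confirm the updated screenshot shows the new row, and consider renaming the file along with the feature.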
@ -75,16 +76,17 @@ To configure federated authentication using Microsoft Intune, use a [custom prof
1. In **Applicability Rules**, select **Next** 1. In **Applicability Rules**, select **Next**
1. In **Review + create**, review your settings and select **Create** 1. In **Review + create**, review your settings and select **Create**
## How to use federated authentication ## How to use federated sign-in
Once the devices are configured, a new sign-in experience becomes available. Once the devices are configured, a new sign-in experience becomes available.
:::image type="content" source="./images/federated-auth.gif" alt-text="Windows 11 SE sign-in using federated authentication through Clever and QR code badge." border="true"::: :::image type="content" source="./images/federated-auth.gif" alt-text="Windows 11 SE sign-in using federated sign-in through Clever and QR code badge." border="true":::
## Known issues ## Known issues
- Network and Accessibility menus aren't available in the web sign-in flow. They can be accessed on the standard Windows sign-in page. While in the web sign-in flow, press <kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>Delete</kbd> and the classic Windows sign-in UI will be shown, along with the buttons that launch those menus. - Network and Accessibility menus aren't available in the web sign-in flow. They can be accessed on the standard Windows sign-in page. While in the web sign-in flow, press <kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>Delete</kbd> and the classic Windows sign-in UI will be shown, along with the buttons that launch those menus.
- This feature won't work without access to network, as the authentication is done via a third-party provider over the network. Always make sure that there's a valid network connection, before trying to launch the web sign-in flow. - This feature won't work without access to network, as the authentication is done via a third-party provider over the network. Always make sure that there's a valid network connection, before trying to launch the web sign-in flow.
- The federated sign-in flow is not displayed if devices have *shared PC mode* enabled
## Troubleshooting ## Troubleshooting
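Review bot: The added bullet about *shared PC mode* under "Known issues" describes a configuration requirement rather than a defect, it repeats the prerequisite added earlier in this commit, and it is the only bullet in the list without a closing period. Either drop it or reword it as a pointer to the prerequisite, and add the period. The new GIF alt text reads "sign-in using federated sign-in"; something like "Windows 11 SE federated sign-in through Clever with a QR code badge" avoids the repetition.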

View File

@ -13,6 +13,7 @@ manager: aaroncz
ms.collection: education ms.collection: education
appliesto: appliesto:
- ✅ <b>Windows 11 22H2</b> - ✅ <b>Windows 11 22H2</b>
- ✅ <b>Windows 11 SE 22H2</b>
--- ---
# Configure education themes for Windows 11 # Configure education themes for Windows 11
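Review bot: Adding `- ✅ <b>Windows 11 SE 22H2</b>` to `appliesto` in the education themes page is an applicability change, not part of the rename the commit message describes. Move it to its own commit or mention it in the message so the change is traceable.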

Binary file not shown (size before: 116 KiB; after: 124 KiB).

View File

@ -53,8 +53,8 @@ landingContent:
url: edu-themes.md url: edu-themes.md
- text: Configure Stickers - text: Configure Stickers
url: edu-stickers.md url: edu-stickers.md
- text: Configure federated authentication - text: Configure federated sign-in
url: edu-federated-authentication.md url: edu-federated-sign-in.md
- linkListType: video - linkListType: video
links: links:
- text: Deploy Windows 11 SE using Set up School PCs - text: Deploy Windows 11 SE using Set up School PCs
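Review bot: This `url: edu-federated-sign-in.md` is the second hand-edited reference to the renamed file, after the `href:` in the TOC. Search the repo for any remaining `edu-federated-authentication.md` links before merging, since only these two references are updated in the visible changes.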