From 472e1f45dca93eb47068df04450557c2eba60d78 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 28 Feb 2024 13:43:37 -0500
Subject: [PATCH] Add configuration to assigned access profiles

---
 .../assigned-access-configuration-file.md     | 60 +++++--------------
 ...cess-example-file-explorer-restrictions.md |  4 +-
 .../assigned-access-example-global-profile.md |  2 +-
 .../assigned-access-example-two-profiles.md   |  4 +-
 .../assigned-access-example-usergroup.md      |  2 +-
 .../shell-launcher-configuration-file.md      |  8 +--
 6 files changed, 25 insertions(+), 55 deletions(-)

diff --git a/windows/configuration/assigned-access/assigned-access-configuration-file.md b/windows/configuration/assigned-access/assigned-access-configuration-file.md
index ed986ff4dd..b1a1dcd7a0 100644
--- a/windows/configuration/assigned-access/assigned-access-configuration-file.md
+++ b/windows/configuration/assigned-access/assigned-access-configuration-file.md
@@ -20,15 +20,6 @@ Let's start by looking at the basic structure of the XML file. An Assigned Acces
 > [!NOTE]
 > A profile has no effect if it's not associated to a user account.
 
-```text
-Assigned Access
-|___ Profiles
-|   |___ Profile
-|       |___ KioskApp
-|       |___ TaskBar
-|___ Configs
-```
-
 Here's a basic example of an Assigned Access configuration file, with one profile and one config:
 
 ```xml
@@ -36,12 +27,12 @@ Here's a basic example of an Assigned Access configuration file, with one profil
 <AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config">
     <Profiles>
         <Profile Id="GUID">
-            ...
+            <!-- Add configuration here as needed -->
         </Profile>
     </Profiles>
     <Configs>
         <Config>
-            ...
+            <!-- Add configuration here as needed -->
         </Config>
     </Configs>
 </AssignedAccessConfiguration>
@@ -54,7 +45,7 @@ A configuration file can contain one or more profiles. Each profile is identifie
 ```xml
 <Profiles>
     <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}">
-        ...
+        <!-- Add configuration here as needed -->
     </Profile>
 </Profiles>
 ```
@@ -106,13 +97,13 @@ Restricted user experience example:
     <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}" Name="Microsoft Learn example">
         <AllAppsList>
             <AllowedApps>
-                [...]
+                <!-- Add configuration here as needed -->
             </AllowedApps>
         </AllAppsList>
         <StartPins>
         </StartPins>
         <TaskbarLayout>
-            [...]
+            <!-- Add configuration here as needed -->
         </TaskbarLayout>
     </Profile>
 </Profiles>
@@ -129,11 +120,11 @@ Restricted user experience example:
     <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}" Name="Microsoft Learn example">
         <AllAppsList>
             <AllowedApps>
-                [...]
+                <!-- Add configuration here as needed -->
             </AllowedApps>
         </AllAppsList>
         <rs5:FileExplorerNamespaceRestrictions>
-            [...]
+            <!-- Add configuration here as needed -->
         </rs5:FileExplorerNamespaceRestrictions>
         <StartLayout>
         </StartLayout>
@@ -450,59 +441,38 @@ Microsoft Entra accounts must be specified with the format: `AzureAD\{UPN}`. `Az
 
 Group accounts are specified using `<UserGroup>`. Nested groups aren't supported. For example, if *User A* is member of *Group A*, *Group A* is member of *Group B*, and *Group B* is used in `<Config/>`, *User A* doesn't have the kiosk experience.
 
-:::row:::
-:::column span="2":::
-#### Scenario
-:::column-end:::
-:::column span="2":::
-#### XML snippet
-:::column-end:::
-:::row-end:::
-:::row:::
-:::column span="2":::
-**Local group**
+##### Local group
 
 Specify the group type as `LocalGroup` and add the group name in the `Name` attribute.
-:::column-end:::
-:::column span="2":::
+
 ```xml
 <Config>
   <UserGroup Type="LocalGroup" Name="groupname" />
   <DefaultProfile Id="{GUID}"/>
 </Config>
 ```
-:::column-end:::
-:::row-end:::
-:::row:::
-:::column span="2":::
-**Active Directory group**
+
+#### Active Directory group
 
 Both security and distribution groups are supported. Specify the group type as <strong>ActiveDirectoryGroup</strong>. Use the domain name as the prefix in the name attribute.
-:::column-end:::
-:::column span="2":::
+
 ```xml
 <Config>
   <UserGroup Type="ActiveDirectoryGroup" Name="contoso\groupname" />
   <DefaultProfile Id="{GUID}"/>
 </Config>
 ```
-:::column-end:::
-:::row-end:::
-:::row:::
-:::column span="2":::
-**Microsoft Entra group**
+
+#### Microsoft Entra group
 
 Use the object ID of the Microsoft Entra group. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as `AzureActiveDirectoryGroup`. The kiosk device must have internet connectivity when users that belong to the group sign-in.
-:::column-end:::
-:::column span="2":::
+
 ```xml
 <Config>
   <UserGroup Type="AzureActiveDirectoryGroup" Name="Group_GUID" />
   <DefaultProfile Id="{GUID}"/>
 </Config>
 ```
-:::column-end:::
-:::row-end:::
 
 ### Global profile
 
diff --git a/windows/configuration/assigned-access/includes/assigned-access-example-file-explorer-restrictions.md b/windows/configuration/assigned-access/includes/assigned-access-example-file-explorer-restrictions.md
index 15dc156dfd..caec7c0e1c 100644
--- a/windows/configuration/assigned-access/includes/assigned-access-example-file-explorer-restrictions.md
+++ b/windows/configuration/assigned-access/includes/assigned-access-example-file-explorer-restrictions.md
@@ -14,12 +14,12 @@ ms.topic: include
     xmlns:v3="http://schemas.microsoft.com/AssignedAccess/2020/config">
     <Profiles>
         <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">
-            ...
+            <!-- Add configuration here -->
             <rs5:FileExplorerNamespaceRestrictions>
                 <rs5:AllowedNamespace Name="Downloads"/>
                 <v3:AllowRemovableDrives/>
             </rs5:FileExplorerNamespaceRestrictions>
-            ...
+            <!-- Add configuration here -->
         </Profile>
     </Profiles>
     <Configs>
diff --git a/windows/configuration/assigned-access/includes/assigned-access-example-global-profile.md b/windows/configuration/assigned-access/includes/assigned-access-example-global-profile.md
index e44a9c4155..a88faae206 100644
--- a/windows/configuration/assigned-access/includes/assigned-access-example-global-profile.md
+++ b/windows/configuration/assigned-access/includes/assigned-access-example-global-profile.md
@@ -14,7 +14,7 @@ ms.topic: include
     xmlns:v5="http://schemas.microsoft.com/AssignedAccess/2022/config">
     <Profiles>
         <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">
-          ...
+          <!-- Add configuration here -->
         </Profile>
     </Profiles>
     <Configs>
diff --git a/windows/configuration/assigned-access/includes/assigned-access-example-two-profiles.md b/windows/configuration/assigned-access/includes/assigned-access-example-two-profiles.md
index 01ec4607e9..bec7a3e076 100644
--- a/windows/configuration/assigned-access/includes/assigned-access-example-two-profiles.md
+++ b/windows/configuration/assigned-access/includes/assigned-access-example-two-profiles.md
@@ -18,10 +18,10 @@ ms.topic: include
     <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">
       <AllAppsList>
         <AllowedApps>
-          ...
+          <!-- Add configuration here as needed -->
         </AllowedApps>
       </AllAppsList>
-      ...
+      <!-- Add configuration here as needed -->
     </Profile>
   </Profiles>
   <Configs>
diff --git a/windows/configuration/assigned-access/includes/assigned-access-example-usergroup.md b/windows/configuration/assigned-access/includes/assigned-access-example-usergroup.md
index 1105ab6962..e450460ade 100644
--- a/windows/configuration/assigned-access/includes/assigned-access-example-usergroup.md
+++ b/windows/configuration/assigned-access/includes/assigned-access-example-usergroup.md
@@ -13,7 +13,7 @@ ms.topic: include
     xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config">
 
     <Profiles>
-        ...
+        <!-- Add configuration here as needed -->
     </Profiles>
 
     <Configs>
diff --git a/windows/configuration/assigned-access/shell-launcher-configuration-file.md b/windows/configuration/assigned-access/shell-launcher-configuration-file.md
index a6cec53879..70d097cd29 100644
--- a/windows/configuration/assigned-access/shell-launcher-configuration-file.md
+++ b/windows/configuration/assigned-access/shell-launcher-configuration-file.md
@@ -28,10 +28,10 @@ You can start your file by pasting the following XML code into a text editor, an
     xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration"
     xmlns:V2="http://schemas.microsoft.com/ShellLauncher/2019/Configuration">
     <Profiles>
-        ...
+        <!-- Add configuration here as needed -->
     </Profiles>
     <Configs>
-        ...
+        <!-- Add configuration here as needed -->
     </Configs>
 </ShellLauncherConfiguration>
 ```
@@ -43,7 +43,7 @@ If you want to define a default profile, you can use the `DefaultProfile` elemen
 ```xml
 <Profiles>
     <DefaultProfile>
-        ...
+        <!-- Add configuration here as needed -->
     </DefaultProfile>
 </Profiles>
 ```
@@ -53,7 +53,7 @@ Each profile is identified by a unique identifier `Profile Id`, for example:
 ```xml
 <Profiles>
     <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}">
-        ...
+        <!-- Add configuration here as needed -->
     </Profile>
 </Profiles>
 ```