Remove unnecessary content and update configuration file in assigned-access

This commit is contained in:
Paolo Matarazzo
2024-02-28 17:30:58 -05:00
parent a959f8d13e
commit 5e691fb583
3 changed files with 21 additions and 54 deletions

View File

@ -26,7 +26,7 @@ Here's a basic example of an Assigned Access configuration file, with one profil
<?xml version="1.0" encoding="utf-8" ?>
<AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config">
<Profiles>
<Profile Id="GUID">
<Profile Id="{GUID}">
<!-- Add configuration here as needed -->
</Profile>
</Profiles>
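Review bot: In `<Profile Id="{GUID}">` it is not clear whether the braces are part of the attribute value or only mark a placeholder; the same file writes `AzureAD\{UPN}` with braces used as placeholder delimiters. Show a sample GUID in the example, or add a sentence stating whether the Id is written with the surrounding braces, so a copied configuration does not end up with a malformed profile Id.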
@ -386,10 +386,10 @@ The following example shows how to specify an account to sign in automatically,
```
>[!NOTE]
> On Microsoft Entra joined and domain joined devices, local user accounts aren't disaplyed on the sign-in screen by default. To display the local accounts on the sign-in screen, enable the policy setting:
> On Microsoft Entra joined and domain joined devices, local user accounts aren't displayed on the sign-in screen by default. To display the local accounts on the sign-in screen, enable the policy setting:
>
>- GPO: **Computer Configuration** > **Administrative Templates** > **System** > **Logon** > **Enumerate local users on domain-joined computers**
>- CSP: `./Device/Vendor/MSFT/Policy/Config/WindowsLogon/`[`EnumerateLocalUsersOnDomainJoinedComputers`](/windows/client-management/mdm/policy-csp-windowslogon#enumeratelocalusersondomainjoinedcomputers)
>- CSP: `./Device/Vendor/MSFT/Policy/Config/WindowsLogon/`[EnumerateLocalUsersOnDomainJoinedComputers](/windows/client-management/mdm/policy-csp-windowslogon#enumeratelocalusersondomainjoinedcomputers)
>[!IMPORTANT]
>When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature doesn't work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon).
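Review bot: The unchanged `[!IMPORTANT]` line at the end of this hunk still reads "For more informations", which should be "For more information"; since the hunk already corrects "disaplyed", fix both in the same pass. On the CSP bullet, dropping the backticks from the link text leaves the path half in code formatting and half in plain text. Keeping `EnumerateLocalUsersOnDomainJoinedComputers` in code font inside the link lets the full CSP path read as one identifier.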
@ -398,6 +398,10 @@ The following example shows how to specify an account to sign in automatically,
Individual accounts are specified using `<Account>`.
> [!IMPORTANT]
> Before applying the Assigned Access configuration, make sure the specified user account is available on the device, otherwise it fails.
>
> For both domain and Microsoft Entra accounts, as long as the device is Active Directory joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access.
#### Local user
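Review bot: In the relocated note, the first sentence ("make sure the specified user account is available on the device, otherwise it fails") sits awkwardly against the second paragraph, which says domain and Microsoft Entra accounts are discovered in the forest or tenant rather than on the device. While moving it, state the requirement per account type and name what "it" is that fails, for example: "Local accounts must exist on the device before you apply the configuration; domain and Microsoft Entra accounts are resolved from the forest or tenant the device is joined to."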
@ -432,11 +436,6 @@ Microsoft Entra accounts must be specified with the format: `AzureAD\{UPN}`. `Az
</Config>
```
> [!IMPORTANT]
> Before applying the Assigned Access configuration, make sure the specified user account is available on the device, otherwise it fails.
>
> For both domain and Microsoft Entra accounts, as long as the device is Active Directory joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access.
### Group accounts
Group accounts are specified using `<UserGroup>`. Nested groups aren't supported. For example, if *User A* is member of *Group A*, *Group A* is member of *Group B*, and *Group B* is used in `<Config/>`, *User A* doesn't have the kiosk experience.

View File

@ -354,22 +354,27 @@ When you use the **Provision kiosk devices** wizard in Windows Configuration Des
[Learn how to apply a provisioning package.](../provisioning-packages/provisioning-apply-package.md)
## Set up a kiosk or digital sign using Microsoft Intune or other MDM service
App type:
## User experience
- UWP
To test the kiosk, sign in with the Assigned Access user account you specified in the configuration to check out the multi-app experience.
OS:
>[!NOTE]
>The kiosk configuration setting will take effect the next time the Assigned Access user signs in. If that user account is signed in when you apply the configuration, make sure the user signs out and signs back in to validate the experience.
- Windows 10 Pro version 1709+, Ent, Edu
- Windows 11
When Assigned Access is configured, different policy settings are applied to the device to provide a secured, locked-down experience. For more information, see [assigned-access-policy-settings](assigned-access-policy-settings.md).
Account type:
Optionally, run Event Viewer (eventvwr.exe) and look through logs under **Applications and Services Logs** > **Microsoft** > **Windows** > **Provisioning-Diagnostics-Provider** > **Admin**.
- Local standard user
- Microsoft Entra ID
### App launching and switching experience
In the multi-app mode, to maximize the user productivity and streamline the experience, an app will be always launched in full screen when the users click the tile on the Start. The users can minimize and close the app, but cannot resize the app window.
The users can switch apps just as they do today in Windows. They can use the Task View button, Alt + Tab hotkey, and the swipe in from the left gesture to view all the open apps in task view. They can click the Windows button to show Start, from which they can open apps, and they can switch to an opened app by clicking it on the taskbar.
### Auto-trigger touch keyboard
The touch keyboard is automatically triggered when there's an input needed and no physical keyboard is attached on touch-enabled devices. You don't need to configure any other setting to enforce this behavior.
## Sign out of assigned access
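Review bot: The "User experience" text placed here matches the block taken out of the third file in this commit word for word, and it still says "check out the multi-app experience" and "In the multi-app mode"; confirm this page is the multi-app one, otherwise the wording needs adjusting for its new home. The link text `[assigned-access-policy-settings]` is a bare file name and should carry a readable title. The Event Viewer sentence would serve better as a validation step for the lockdown if it said what to look for in the **Provisioning-Diagnostics-Provider** > **Admin** log instead of only pointing at it.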
@ -393,13 +398,6 @@ Digital signage can be a useful and exciting business tool. Use digital signs to
For digital signage, simply select a digital sign player as your kiosk app. You can also use [Microsoft Edge in kiosk mode](/DeployEdge/microsoft-edge-configure-kiosk-mode) or the Kiosk Browser app, and configure it to show your online content.
>[!TIP]
>Kiosk Browser can also be used in [single-app kiosks](kiosk-single-app.md) and [multi-app kiosk](lock-down-windows-10-to-specific-apps.md) as a web browser. For more information, see [Guidelines for web browsers](guidelines-for-assigned-access-app.md#guidelines-for-web-browsers).
Kiosk Browser must be downloaded for offline licensing using Microsoft Store for Business. You can deploy Kiosk Browser to devices running Windows 11, and Windows 10 version 1803+.
>[!NOTE]
>If you haven't set up your Microsoft Store for Business yet, check out [the prerequisites](/microsoft-store/prerequisites-microsoft-store-for-business) and then [sign up](/microsoft-store/sign-up-microsoft-store-for-business).
This procedure explains how to configure digital signage using Kiosk Browser on a device running Windows client that has already been set up (completed the first-run experience).
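Review bot: The sentence kept at the end of this hunk ("This procedure explains how to configure digital signage using Kiosk Browser ...") still depends on Kiosk Browser, so if the "Kiosk Browser must be downloaded for offline licensing ..." line is among the seven lines the hunk header shows as dropped, the page no longer says how to obtain the app. The supported-version statement on that same line ("Windows 11, and Windows 10 version 1803+") would be lost with it. Keep the version requirement and replace the acquisition step rather than deleting it outright.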

View File

@ -18,15 +18,6 @@ Organization may want to set up special purpose devices, such as a device in the
:::column-end:::
:::row-end:::
:::row:::
:::column span="1":::
:::image type="content" source="images/restricted-user-experience.png" alt-text="Icon representing a restricted user experience." border="false":::
:::column-end:::
:::column span="3":::
#### Restricted user experience
:::column-end:::
:::row-end:::
This experience runs a single application in full screen, and people using the device can only use that app. When the designated kiosk account signs in, the kiosk app launches automatically. If the kiosk app is closed, it will automatically restart. This experience is sometimes referred to as *single-app kiosk*.
Windows offers two different features to configure a kiosk experience:
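Review bot: With the "Restricted user experience" row gone, the paragraph "This experience runs a single application in full screen ..." follows a `:::row-end:::` directly, so check that the row left above it is the kiosk one; the paragraph describes the single-app kiosk, not the restricted experience. Also confirm `images/restricted-user-experience.png` is still referenced elsewhere, or delete it in this commit so it does not remain as an orphaned asset.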
@ -87,27 +78,6 @@ There are several kiosk configuration methods that you can choose from, dependin
>[!NOTE]
>For devices running Windows client Enterprise and Education, you can also use [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control) or [AppLocker](lock-down-windows-10-applocker.md) to lock down a device to specific apps.
## User experience
To test the kiosk, sign in with the Assigned Access user account you specified in the configuration to check out the multi-app experience.
>[!NOTE]
>The kiosk configuration setting will take effect the next time the Assigned Access user signs in. If that user account is signed in when you apply the configuration, make sure the user signs out and signs back in to validate the experience.
When Assigned Access is configured, different policy settings are applied to the device to provide a secured, locked-down experience. For more information, see [assigned-access-policy-settings](assigned-access-policy-settings.md).
Optionally, run Event Viewer (eventvwr.exe) and look through logs under **Applications and Services Logs** > **Microsoft** > **Windows** > **Provisioning-Diagnostics-Provider** > **Admin**.
### App launching and switching experience
In the multi-app mode, to maximize the user productivity and streamline the experience, an app will be always launched in full screen when the users click the tile on the Start. The users can minimize and close the app, but cannot resize the app window.
The users can switch apps just as they do today in Windows. They can use the Task View button, Alt + Tab hotkey, and the swipe in from the left gesture to view all the open apps in task view. They can click the Windows button to show Start, from which they can open apps, and they can switch to an opened app by clicking it on the taskbar.
### Auto-trigger touch keyboard
The touch keyboard is automatically triggered when there's an input needed and no physical keyboard is attached on touch-enabled devices. You don't need to configure any other setting to enforce this behavior.
<!--
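Review bot: Taking `## User experience`, `### App launching and switching experience` and `### Auto-trigger touch keyboard` out of this file also removes their heading anchors, so any link that targets them here needs to be repointed to the file that now carries the section. The hunk ends on an opening `<!--`; since the commit is about removing unnecessary content, check whether the commented-out block that follows is still needed.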