From 803a89be76216331eda7c042fd9c6d5a6f10817b Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Thu, 25 Jan 2024 09:10:46 -0500
Subject: [PATCH] Delete unused images and update documentation

---
 .../cortana-at-work-feedback.md               |  10 +-
 .../cortana-at-work-scenario-1.md             |  21 +-
 .../cortana-at-work-scenario-3.md             |  10 +-
 .../cortana-at-work-scenario-4.md             |  14 +-
 .../cortana-at-work-scenario-5.md             |  10 +-
 .../cortana-at-work-scenario-6.md             |  10 +-
 windows/configuration/docfx.json              |   4 +
 ...ation-user-model-id-of-an-installed-app.md |   1 -
 .../guidelines-for-assigned-access-app.md     |   8 -
 .../kiosk/kiosk-additional-reference.md       |  14 +-
 .../configuration/kiosk/kiosk-mdm-bridge.md   |  12 +-
 windows/configuration/kiosk/kiosk-methods.md  |  25 +-
 windows/configuration/kiosk/kiosk-policies.md | 102 +++----
 windows/configuration/kiosk/kiosk-prepare.md  | 266 +++++++++---------
 .../kiosk/kiosk-shelllauncher.md              | 250 ++++++++--------
 .../configuration/kiosk/kiosk-single-app.md   |   9 +-
 windows/configuration/kiosk/kiosk-validate.md |  92 +++---
 windows/configuration/kiosk/kiosk-xml.md      | 157 +++++------
 .../kiosk/lock-down-windows-10-applocker.md   |   8 +-
 .../lock-down-windows-10-to-specific-apps.md  |   6 -
 .../lock-down-windows-11-to-specific-apps.md  | 251 ++++++++---------
 .../kiosk/lockdown-features-windows-10.md     |   6 +-
 .../kiosk/setup-digital-signage.md            |  11 +-
 ...can-use-configuration-service-providers.md |   9 +-
 .../provision-pcs-for-initial-deployment.md   |  30 +-
 .../provision-pcs-with-apps.md                |  12 +-
 .../provisioning-apply-package.md             |   9 +-
 .../provisioning-command-line.md              |   7 -
 .../provisioning-create-package.md            |   6 -
 .../provisioning-how-it-works.md              |   7 -
 .../provisioning-install-icd.md               |   6 -
 .../provisioning-packages.md                  |  25 +-
 .../provisioning-powershell.md                |   6 -
 .../provisioning-script-to-install-app.md     |  17 +-
 .../provisioning-uninstall-package.md         |   6 -
 .../shared-pc/set-up-shared-or-guest-pc.md    |   7 -
 .../shared-pc/shared-devices-concepts.md      |   7 -
 .../shared-pc/shared-pc-technical.md          |   7 -
 .../customize-and-export-start-layout.md      |   9 +-
 .../customize-start-menu-layout-windows-11.md |   9 +-
 ...-10-start-screens-by-using-group-policy.md |   7 +-
 ...reens-by-using-mobile-device-management.md |   9 +-
 ...-by-using-provisioning-packages-and-icd.md |   8 +-
 .../start/start-layout-xml-desktop.md         |  19 +-
 .../start/start-secondary-tiles.md            |  10 +-
 ...supported-csp-start-menu-layout-windows.md |   9 +-
 ...ws-10-start-layout-options-and-policies.md |   8 +-
 .../wcd/wcd-accountmanagement.md              |  30 +-
 windows/configuration/wcd/wcd-accounts.md     |  34 +--
 .../configuration/wcd/wcd-admxingestion.md    | 114 ++++----
 .../configuration/wcd/wcd-assignedaccess.md   |  32 +--
 windows/configuration/wcd/wcd-browser.md      |  80 +++---
 windows/configuration/wcd/wcd-cellular.md     |  64 ++---
 windows/configuration/wcd/wcd-changes.md      |  24 +-
 windows/configuration/wcd/wcd-cleanpc.md      |  18 +-
 windows/configuration/wcd/wcd-connections.md  |  39 ++-
 .../configuration/wcd/wcd-countryandregion.md |  16 +-
 .../wcd/wcd-desktopbackgroundandcolors.md     |  14 +-
 .../configuration/wcd/wcd-developersetup.md   |  24 +-
 .../wcd/wcd-deviceupdatecenter.md             |  12 +-
 windows/configuration/wcd/wcd-dmclient.md     |  18 +-
 .../configuration/wcd/wcd-editionupgrade.md   |  32 +--
 .../wcd/wcd-firewallconfiguration.md          |  18 +-
 .../configuration/wcd/wcd-firstexperience.md  |  15 +-
 windows/configuration/wcd/wcd-folders.md      |  14 +-
 windows/configuration/wcd/wcd-hotspot.md      |   8 +-
 windows/configuration/wcd/wcd-kioskbrowser.md |  24 +-
 windows/configuration/wcd/wcd-licensing.md    |  22 +-
 windows/configuration/wcd/wcd-location.md     |  16 +-
 windows/configuration/wcd/wcd-maps.md         |  34 +--
 windows/configuration/wcd/wcd-networkproxy.md |  32 +--
 .../configuration/wcd/wcd-networkqospolicy.md |  20 +-
 .../configuration/wcd/wcd-personalization.md  |  32 +--
 windows/configuration/wcd/wcd-policies.md     | 222 +++++++--------
 windows/configuration/wcd/wcd-privacy.md      |  22 +-
 .../wcd/wcd-provisioningcommands.md           |  23 +-
 windows/configuration/wcd/wcd-sharedpc.md     |  38 +--
 windows/configuration/wcd/wcd-smisettings.md  |  63 ++---
 windows/configuration/wcd/wcd-start.md        |  25 +-
 windows/configuration/wcd/wcd-startupapp.md   |  17 +-
 .../wcd/wcd-startupbackgroundtasks.md         |  14 +-
 .../wcd/wcd-storaged3inmodernstandby.md       |  16 +-
 .../wcd/wcd-surfacehubmanagement.md           |  27 +-
 windows/configuration/wcd/wcd-takeatest.md    |  38 +--
 windows/configuration/wcd/wcd-time.md         |  24 +-
 .../wcd/wcd-unifiedwritefilter.md             |  64 ++---
 .../wcd/wcd-usberrorsoemoverride.md           |  19 +-
 windows/configuration/wcd/wcd-weakcharger.md  |  37 ++-
 .../wcd/wcd-windowshelloforbusiness.md        |  21 +-
 windows/configuration/wcd/wcd-wlan.md         |  12 +-
 90 files changed, 1368 insertions(+), 1646 deletions(-)

diff --git a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md
index 13367f11d1..6b969902d1 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md
@@ -7,14 +7,14 @@ ms.topic: article
 
 # Send feedback about Cortana back to Microsoft
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
-To provide feedback on an individual request or response, select the item in the conversation history and then select **Give feedback**. The Feedback Hub application is launched, where you can provide more information to help diagnose reported issues. 
+To provide feedback on an individual request or response, select the item in the conversation history and then select **Give feedback**. The Feedback Hub application is launched, where you can provide more information to help diagnose reported issues.
 
-:::image type="content" source="images/screenshot1.png" alt-text="Screenshot: Send feedback page"::: 
+:::image type="content" source="images/screenshot1.png" alt-text="Screenshot: Send feedback page":::
 
-To provide feedback about the application in general, go to the **Settings** menu by selecting the three dots in the top left of the application, and select **Feedback**. The Feedback Hub is launched, where more information on the issue can be provided. 
+To provide feedback about the application in general, go to the **Settings** menu by selecting the three dots in the top left of the application, and select **Feedback**. The Feedback Hub is launched, where more information on the issue can be provided.
 
-:::image type="content" source="images/screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub"::: 
+:::image type="content" source="images/screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub":::
 
 In order for enterprise users to provide feedback, admins must unblock the Feedback Hub in the [Azure portal](https://portal.azure.com/). Go to the **Enterprise applications section** and enable **Users can allow apps to access their data**.
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md
index caf0d5bd5b..8d9ac8b9bf 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md
@@ -7,24 +7,21 @@ ms.topic: article
 
 # Test scenario 1 - Sign into Microsoft Entra ID, enable the wake word, and try a voice query
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
 >[!NOTE]
->The wake word has been re-enabled in the latest version of Cortana in Windows. If you're on Windows 10, version 2004, be sure that you've updated to build 19041.329 or later to use the wake word with Cortana. For earlier builds, you can still click on the microphone button to use your voice with Cortana. 
+>The wake word has been re-enabled in the latest version of Cortana in Windows. If you're on Windows 10, version 2004, be sure that you've updated to build 19041.329 or later to use the wake word with Cortana. For earlier builds, you can still click on the microphone button to use your voice with Cortana.
 
-1. Select the **Cortana** icon in the task bar and sign in using your Microsoft Entra account. 
+1. Select the **Cortana** icon in the task bar and sign in using your Microsoft Entra account.
+2. Select the &quot;…&quot; menu and select **Talking to Cortana**.
+3. Toggle **Wake word** to **On** and close Cortana.
+4. Say **Cortana, what can you do?**
 
-2. Select the &quot;…&quot; menu and select **Talking to Cortana**. 
+   When you say **Cortana**, Cortana will open in listening mode to acknowledge the wake word.
 
-3. Toggle **Wake word** to **On** and close Cortana. 
+   :::image type="content" source="images/screenshot4.png" alt-text="Screenshot: Cortana listening mode":::
 
-4. Say **Cortana, what can you do?** 
-
-   When you say **Cortana**, Cortana will open in listening mode to acknowledge the wake word. 
-
-   :::image type="content" source="images/screenshot4.png" alt-text="Screenshot: Cortana listening mode"::: 
-
-   Once you finish saying your query, Cortana will open with the result. 
+   Once you finish saying your query, Cortana will open with the result.
 
 >[!NOTE]
 >If you've disabled the wake word using MDM or Group Policy, you will need to manually activate the microphone by selecting Cortana, then the mic button.
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md
index 0f298d04c4..b98b0a5ad1 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md
@@ -7,14 +7,14 @@ ms.topic: article
 
 # Test scenario 3 - Set a reminder
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
-This scenario helps you set up, review, and edit a reminder. For example, you can remind yourself to send someone a link to a document after a meeting. 
+This scenario helps you set up, review, and edit a reminder. For example, you can remind yourself to send someone a link to a document after a meeting.
 
-1. Select the **Cortana** icon in the taskbar and type **Remind me to send a link to the deck at 3:05pm** and press **Enter**. 
+1. Select the **Cortana** icon in the taskbar and type **Remind me to send a link to the deck at 3:05pm** and press **Enter**.
 
-Cortana will create a reminder in Microsoft To Do and will remind you at the appropriate time. 
+Cortana will create a reminder in Microsoft To Do and will remind you at the appropriate time.
 
-:::image type="content" source="images/screenshot6.png" alt-text="Screenshot: Cortana set a reminder"::: 
+:::image type="content" source="images/screenshot6.png" alt-text="Screenshot: Cortana set a reminder":::
 
 :::image type="content" source="images/screenshot7.png" alt-text="Screenshot: Cortana showing reminder on page":::
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md
index 1e9652275f..bf80e7200d 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md
@@ -5,19 +5,19 @@ ms.date: 10/05/2017
 ms.topic: article
 --- 
 
-# Test scenario 4 - Use Cortana to find free time on your calendar for your upcoming meetings. 
+# Test scenario 4 - Use Cortana to find free time on your calendar for your upcoming meetings
 
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
-This scenario helps you find out if a time slot is free on your calendar. 
+This scenario helps you find out if a time slot is free on your calendar.
 
-1. Select the  **Cortana**  icon in the taskbar. 
+1. Select the  **Cortana**  icon in the taskbar.
 
-2. Click on the **Cortana** icon in the taskbar, and then click in the **Search** bar. 
+2. Click on the **Cortana** icon in the taskbar, and then click in the **Search** bar.
 
-3. Type **Am I free at 3 PM tomorrow?** 
+3. Type **Am I free at 3 PM tomorrow?**
 
-Cortana will respond with your availability for that time, and nearby meetings. 
+Cortana will respond with your availability for that time, and nearby meetings.
 
 :::image type="content" source="images/screenshot8.png" alt-text="Screenshot: Cortana showing free time on a calendar":::
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md
index d1a8806d94..f3857f21f5 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md
@@ -7,14 +7,14 @@ ms.topic: article
 
 # Test scenario 5 - Test scenario 5 - Find out about a person
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
-Cortana can help you quickly look up information about someone or the org chart. 
+Cortana can help you quickly look up information about someone or the org chart.
 
-1. Select the  **Cortana**  icon in the taskbar. 
+1. Select the  **Cortana**  icon in the taskbar.
 
-2. Type or select the mic and say, **Who is name of person in your organization's?** 
+2. Type or select the mic and say, **Who is name of person in your organization's?**
 
-:::image type="content" source="images/screenshot9.png" alt-text="Screenshot: Cortana showing name of person in your organization"::: 
+:::image type="content" source="images/screenshot9.png" alt-text="Screenshot: Cortana showing name of person in your organization":::
 
 Cortana will respond with information about the person. You can select the person to see more information about them in Microsoft Search.
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
index 0420a9cf29..ab8776d4ac 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
@@ -7,14 +7,14 @@ ms.topic: article
 
 # Test scenario 6 - Change your language and perform a quick search with Cortana
 <!--Using include for Cortana in Windows deprecation -->
-[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)] 
+[!INCLUDE [Deprecation of Cortana in Windows](./includes/cortana-deprecation.md)]
 
-Cortana can help employees in regions outside the US search for quick answers like currency conversions, time zone conversions, or weather in their location. 
+Cortana can help employees in regions outside the US search for quick answers like currency conversions, time zone conversions, or weather in their location.
 
-1. Select the  **Cortana**  icon in the taskbar. 
+1. Select the  **Cortana**  icon in the taskbar.
 
-2. Select the **…** menu, then select **Settings**, **Language**, then select **Español (España)**. You'll be prompted to restart the app. 
+2. Select the **…** menu, then select **Settings**, **Language**, then select **Español (España)**. You'll be prompted to restart the app.
 
-3. Once the app has restarted, type or say **Convierte 100 Euros a Dólares**. 
+3. Once the app has restarted, type or say **Convierte 100 Euros a Dólares**.
 
 :::image type="content" source="images/screenshot10.png" alt-text="Screenshot: Cortana showing a change your language and showing search results in Spanish":::
diff --git a/windows/configuration/docfx.json b/windows/configuration/docfx.json
index d226141219..5615c05ca1 100644
--- a/windows/configuration/docfx.json
+++ b/windows/configuration/docfx.json
@@ -93,6 +93,10 @@
         "ue-v//**/*.md": "aaroncz",
         "ue-v//**/*.yml": "aaroncz"
       },
+      "ms.reviewer":{
+        "kiosk//**/*.md": "sybruckm",
+        "start//**/*.md": "ericpapa"
+      },
       "ms.collection":{
         "cortana-at-work//**/*.md": "tier3",
         "wcd//**/*.md": "must-keep",
diff --git a/windows/configuration/kiosk/find-the-application-user-model-id-of-an-installed-app.md b/windows/configuration/kiosk/find-the-application-user-model-id-of-an-installed-app.md
index 0aa9874fff..c1fde94111 100644
--- a/windows/configuration/kiosk/find-the-application-user-model-id-of-an-installed-app.md
+++ b/windows/configuration/kiosk/find-the-application-user-model-id-of-an-installed-app.md
@@ -1,6 +1,5 @@
 ---
 title: Find the Application User Model ID of an installed app
-ms.reviewer: sybruckm
 description: To configure assigned access (kiosk mode), you need the Application User Model ID (AUMID) of apps installed on a device.
 ms.topic: article
 ms.date: 12/31/2017
diff --git a/windows/configuration/kiosk/guidelines-for-assigned-access-app.md b/windows/configuration/kiosk/guidelines-for-assigned-access-app.md
index eea2439621..554eb73963 100644
--- a/windows/configuration/kiosk/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/kiosk/guidelines-for-assigned-access-app.md
@@ -2,19 +2,11 @@
 title: Guidelines for choosing an app for assigned access
 description: The following guidelines may help you choose an appropriate Windows app for your assigned access experience.
 ms.topic: article
-ms.reviewer: sybruckm
 ms.date: 12/31/2017
 --- 
 
 # Guidelines for choosing an app for assigned access (kiosk mode) 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
-
 You can use assigned access to restrict customers at your business to using only one Windows app so your device acts like a kiosk.  Administrators can use assigned access to restrict a selected user account to access a single Windows app. You can choose almost any Windows app for assigned access; however, some apps may not provide a good user experience. 
 
 The following guidelines may help you choose an appropriate Windows app for your assigned access experience. 
diff --git a/windows/configuration/kiosk/kiosk-additional-reference.md b/windows/configuration/kiosk/kiosk-additional-reference.md
index 95e5d10453..839efdaeb9 100644
--- a/windows/configuration/kiosk/kiosk-additional-reference.md
+++ b/windows/configuration/kiosk/kiosk-additional-reference.md
@@ -1,22 +1,14 @@
 ---
 title: More kiosk methods and reference information (Windows 10/11)
 description: Find more information for configuring, validating, and troubleshooting kiosk configuration.
-ms.reviewer: sybruckm 
 
 ms.topic: reference
 ms.date: 12/31/2017
 --- 
 
-# More kiosk methods and reference information 
+# More kiosk methods and reference information
 
-
-**Applies to** 
-
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
-
-
-## In this section 
+## In this section
 
 Topic | Description
 --- | ---
@@ -28,4 +20,4 @@ Topic | Description
 [Use AppLocker to create a Windows client kiosk](lock-down-windows-10-applocker.md) | Learn how to use AppLocker to configure a Windows client kiosk device running Enterprise or Education so that users can only run a few specific apps.
 [Use Shell Launcher to create a Windows client kiosk](kiosk-shelllauncher.md) |  Using Shell Launcher, you can configure a kiosk device that runs a Windows application as the user interface.
 [Use MDM Bridge WMI Provider to create a Windows client kiosk](kiosk-mdm-bridge.md) | Environments that use Windows Management Instrumentation (WMI) can use the MDM Bridge WMI Provider to configure the MDM_AssignedAccess class.
-[Troubleshoot kiosk mode issues](/troubleshoot/windows-client/shell-experience/kiosk-mode-issues-troubleshooting) | Tips for troubleshooting multi-app kiosk configuration.
\ No newline at end of file
+[Troubleshoot kiosk mode issues](/troubleshoot/windows-client/shell-experience/kiosk-mode-issues-troubleshooting) | Tips for troubleshooting multi-app kiosk configuration.
diff --git a/windows/configuration/kiosk/kiosk-mdm-bridge.md b/windows/configuration/kiosk/kiosk-mdm-bridge.md
index cca8302015..453e7ddee4 100644
--- a/windows/configuration/kiosk/kiosk-mdm-bridge.md
+++ b/windows/configuration/kiosk/kiosk-mdm-bridge.md
@@ -1,19 +1,13 @@
 ---
 title: Use MDM Bridge WMI Provider to create a Windows 10/11 kiosk (Windows 10/11)
 description: Environments that use Windows Management Instrumentation (WMI) can use the MDM Bridge WMI Provider to configure the MDM_AssignedAccess class.
-ms.reviewer: sybruckm 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 ms.topic: article
 ms.date: 12/31/2017
 --- 
 
-# Use MDM Bridge WMI Provider to create a Windows client kiosk 
-
-
-**Applies to** 
-
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
+# Use MDM Bridge WMI Provider to create a Windows client kiosk
 
 Environments that use [Windows Management Instrumentation (WMI)](/windows/win32/wmisdk/wmi-start-page) can use the [MDM Bridge WMI Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal) to configure the MDM_AssignedAccess class. For more information about using a PowerShell script to configure AssignedAccess, see [PowerShell Scripting with WMI Bridge Provider](/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider).  
 
diff --git a/windows/configuration/kiosk/kiosk-methods.md b/windows/configuration/kiosk/kiosk-methods.md
index bb5d1002ca..3b6b847451 100644
--- a/windows/configuration/kiosk/kiosk-methods.md
+++ b/windows/configuration/kiosk/kiosk-methods.md
@@ -1,6 +1,5 @@
 ---
 title: Configure kiosks and digital signs on Windows 10/11 desktop editions
-ms.reviewer: sybruckm
 description: In this article, learn about the methods for configuring kiosks and digital signs on Windows 10 or Windows 11 desktop editions. 
 
 ms.topic: article
@@ -12,11 +11,6 @@ ms.date: 12/31/2017
 >[!WARNING]
 >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
 
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 Some desktop devices in an enterprise serve a special purpose. For example, a PC in the lobby that customers use to see your product catalog. Or, a PC displaying visual content as a digital sign. Windows client offers two different locked-down experiences for public or specialized use: 
 
 - **A single-app kiosk**: Runs a single Universal Windows Platform (UWP) app in full screen above the lock screen. People using the kiosk can see only that app. When the kiosk account (a local standard user account) signs in, the kiosk app launches automatically, and you can configure the kiosk account to sign in automatically as well. If the kiosk app is closed, it will automatically restart. 
@@ -70,12 +64,10 @@ There are several kiosk configuration methods that you can choose from, dependin
 ## Methods for a single-app kiosk running a UWP app 
 
 You can use this method | For this edition | For this kiosk account type 
-
 --- | --- | ---
 [Assigned access in Settings](kiosk-single-app.md#local) | Pro, Ent, Edu | Local standard user
 [Assigned access cmdlets](kiosk-single-app.md#powershell)  | Pro, Ent, Edu | Local standard user
 [The kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard)  | Pro (version 1709), Ent, Edu | Local standard user, Active Directory, Microsoft Entra ID 
-
 [Microsoft Intune or other mobile device management (MDM)](kiosk-single-app.md#mdm) | Pro (version 1709), Ent, Edu | Local standard user, Microsoft Entra ID
 [Shell Launcher](kiosk-shelllauncher.md) v2 | Ent, Edu | Local standard user, Active Directory, Microsoft Entra ID 
 
@@ -84,10 +76,8 @@ You can use this method | For this edition | For this kiosk account type
 ## Methods for a single-app kiosk running a Windows desktop application 
 
 You can use this method | For this edition | For this kiosk account type 
-
 --- | --- | ---
 [The kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) | Ent, Edu | Local standard user, Active Directory, Microsoft Entra ID 
-
 [Microsoft Intune or other mobile device management (MDM)](kiosk-single-app.md#mdm) | Pro (version 1709), Ent, Edu | Local standard user, Microsoft Entra ID
 [Shell Launcher](kiosk-shelllauncher.md) v1 and v2 | Ent, Edu | Local standard user, Active Directory, Microsoft Entra ID 
 
@@ -96,7 +86,6 @@ You can use this method | For this edition | For this kiosk account type
 ## Methods for a multi-app kiosk 
 
 You can use this method | For this edition | For this kiosk account type 
-
 --- | --- | ---
 [XML in a provisioning package](lock-down-windows-10-to-specific-apps.md) | Pro, Ent, Edu | Local standard user, Active Directory, Microsoft Entra ID
 [Microsoft Intune or other MDM](lock-down-windows-10-to-specific-apps.md) | Pro, Ent, Edu | Local standard user, Microsoft Entra ID
@@ -106,14 +95,14 @@ You can use this method | For this edition | For this kiosk account type
 
 Method | App type | Account type | Single-app kiosk | Multi-app kiosk
 --- | --- | --- | :---: | :---:
-[Assigned access in Settings](kiosk-single-app.md#local) | UWP | Local account | ✔️  |
-[Assigned access cmdlets](kiosk-single-app.md#powershell) | UWP | Local account | ✔️ |
-[The kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✔️  |
-[XML in a provisioning package](lock-down-windows-10-to-specific-apps.md)  | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✔️  | ✔️
-Microsoft Intune or other MDM [for full-screen single-app kiosk](kiosk-single-app.md#mdm) or [for multi-app kiosk with desktop](lock-down-windows-10-to-specific-apps.md) | UWP, Windows desktop app | Local standard user, Microsoft Entra ID | ✔️ | ✔️
-[Shell Launcher](kiosk-shelllauncher.md) |Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✔️ | 
+[Assigned access in Settings](kiosk-single-app.md#local) | UWP | Local account | ✅  |
+[Assigned access cmdlets](kiosk-single-app.md#powershell) | UWP | Local account | ✅ |
+[The kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✅  |
+[XML in a provisioning package](lock-down-windows-10-to-specific-apps.md)  | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✅  | ✅
+Microsoft Intune or other MDM [for full-screen single-app kiosk](kiosk-single-app.md#mdm) or [for multi-app kiosk with desktop](lock-down-windows-10-to-specific-apps.md) | UWP, Windows desktop app | Local standard user, Microsoft Entra ID | ✅ | ✅
+[Shell Launcher](kiosk-shelllauncher.md) |Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID | ✅ | 
 
-[MDM Bridge WMI Provider](kiosk-mdm-bridge.md) | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID |  | ✔️ 
+[MDM Bridge WMI Provider](kiosk-mdm-bridge.md) | UWP, Windows desktop app | Local standard user, Active Directory, Microsoft Entra ID |  | ✅ 
 
 
 >[!NOTE]
diff --git a/windows/configuration/kiosk/kiosk-policies.md b/windows/configuration/kiosk/kiosk-policies.md
index 7389d1296f..dfc103c48d 100644
--- a/windows/configuration/kiosk/kiosk-policies.md
+++ b/windows/configuration/kiosk/kiosk-policies.md
@@ -1,75 +1,61 @@
 ---
 title: Policies enforced on kiosk devices (Windows 10/11)
 description: Learn about the policies enforced on a device when you configure it as a kiosk.
-ms.reviewer: sybruckm 
-
 ms.topic: article
 ms.date: 12/31/2017
 --- 
 
-# Policies enforced on kiosk devices 
+# Policies enforced on kiosk devices
 
+It isn't recommended to set policies enforced in assigned access kiosk mode to different values using other channels, as the kiosk mode has been optimized to provide a locked-down experience.
 
-**Applies to** 
+When the assigned access kiosk configuration is applied on the device, certain policies are enforced system-wide, and will impact other users on the device.
 
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
+## Group Policy
 
- 
+The following local policies affect all **non-administrator** users on the system, regardless whether the user is configured as an assigned access user or not.  These users include local users, domain users, and Microsoft Entra users.
 
-It isn't recommended to set policies enforced in assigned access kiosk mode to different values using other channels, as the kiosk mode has been optimized to provide a locked-down experience. 
-
-When the assigned access kiosk configuration is applied on the device, certain policies are enforced system-wide, and will impact other users on the device. 
-
-
-## Group Policy 
-
-The following local policies affect all **non-administrator** users on the system, regardless whether the user is configured as an assigned access user or not.  These users include local users, domain users, and Microsoft Entra users. 
-
-| Setting |	Value |
-| --- | --- |
-Remove access to the context menus for the task bar	| Enabled
-Clear history of recently opened documents on exit |	Enabled
-Prevent users from customizing their Start Screen |	Enabled
-Prevent users from uninstalling applications from Start |		Enabled
-Remove Run menu from Start Menu	 |	Enabled
-Disable showing balloon notifications as toast |		Enabled
-Do not allow pinning items in Jump Lists |		Enabled
-Do not allow pinning programs to the Taskbar |		Enabled
-Do not display or track items in Jump Lists from remote locations |		Enabled
-Remove Notifications and Action Center |		Enabled
-Lock all taskbar settings |		Enabled
-Lock the Taskbar	 |	Enabled
-Prevent users from adding or removing toolbars |		Enabled
-Prevent users from resizing the taskbar	 |	Enabled
-Remove frequent programs list from the Start Menu |		Enabled
-Remove Pinned programs from the taskbar	 |	Enabled
-Remove the Security and Maintenance icon	 |	Enabled
-Turn off all balloon notifications |		Enabled
-Turn off feature advertisement balloon notifications	 |	Enabled
-Turn off toast notifications |		Enabled
-Remove Task Manager |		Enabled
-Remove Change Password option in Security Options UI |		Enabled
-Remove Sign Out option in Security Options UI	 |	Enabled
-Remove All Programs list from the Start Menu	 |	Enabled - Remove and disable setting
-Prevent access to drives from My Computer	 |	Enabled - Restrict all drives 
+| Setting | Value |
+|--|--|
+| Remove access to the context menus for the task bar | Enabled |
+| Clear history of recently opened documents on exit | Enabled |
+| Prevent users from customizing their Start Screen | Enabled |
+| Prevent users from uninstalling applications from Start | Enabled |
+| Remove Run menu from Start Menu | Enabled |
+| Disable showing balloon notifications as toast | Enabled |
+| Do not allow pinning items in Jump Lists | Enabled |
+| Do not allow pinning programs to the Taskbar | Enabled |
+| Do not display or track items in Jump Lists from remote locations | Enabled |
+| Remove Notifications and Action Center | Enabled |
+| Lock all taskbar settings | Enabled |
+| Lock the Taskbar | Enabled |
+| Prevent users from adding or removing toolbars | Enabled |
+| Prevent users from resizing the taskbar | Enabled |
+| Remove frequent programs list from the Start Menu | Enabled |
+| Remove Pinned programs from the taskbar | Enabled |
+| Remove the Security and Maintenance icon | Enabled |
+| Turn off all balloon notifications | Enabled |
+| Turn off feature advertisement balloon notifications | Enabled |
+| Turn off toast notifications | Enabled |
+| Remove Task Manager | Enabled |
+| Remove Change Password option in Security Options UI | Enabled |
+| Remove Sign Out option in Security Options UI | Enabled |
+| Remove All Programs list from the Start Menu | Enabled - Remove and disable setting |
+| Prevent access to drives from My Computer | Enabled - Restrict all drives |
 
 >[!NOTE]
->When **Prevent access to drives from My Computer** is enabled, users can browse the directory structure in File Explorer, but they cannot open folders and access the contents. Also, they cannot use the **Run** dialog box or the **Map Network Drive** dialog box to view the directories on these drives. The icons representing the specified drives still appear in File Explorer, but if users double-click the icons, a message appears explaining that a setting prevents the action. This setting does not prevent users from using programs to access local and network drives. It does not prevent users from using the Disk Management snap-in to view and change drive characteristics. 
+>When **Prevent access to drives from My Computer** is enabled, users can browse the directory structure in File Explorer, but they cannot open folders and access the contents. Also, they cannot use the **Run** dialog box or the **Map Network Drive** dialog box to view the directories on these drives. The icons representing the specified drives still appear in File Explorer, but if users double-click the icons, a message appears explaining that a setting prevents the action. This setting does not prevent users from using programs to access local and network drives. It does not prevent users from using the Disk Management snap-in to view and change drive characteristics.
 
- 
+## MDM policy
 
-## MDM policy 
+Some of the MDM policies based on the [Policy configuration service provider (CSP)](/windows/client-management/mdm/policy-configuration-service-provider) affect all users on the system (that is, system-wide impact).
 
-
-Some of the MDM policies based on the [Policy configuration service provider (CSP)](/windows/client-management/mdm/policy-configuration-service-provider) affect all users on the system (that is, system-wide impact). 
-
-Setting	| 	Value	| System-wide
- --- | --- | ---
-[Experience/AllowCortana](/windows/client-management/mdm/policy-csp-experience#experience-allowcortana)		| 0 - Not allowed	| 	Yes
-[Start/AllowPinnedFolderSettings](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldersettings)	| 	0 - Shortcut is hidden and disables the setting in the Settings app	| 	Yes
-Start/HidePeopleBar		| 1 - True (hide)	| 	No
-[Start/HideChangeAccountSettings](/windows/client-management/mdm/policy-csp-start#start-hidechangeaccountsettings)		| 1 - True (hide) | Yes
-[WindowsInkWorkspace/AllowWindowsInkWorkspace](/windows/client-management/mdm/policy-csp-windowsinkworkspace#windowsinkworkspace-allowwindowsinkworkspace)	| 	0 - Access to ink workspace is disabled and the feature is turned off	| 	Yes
-[Start/StartLayout](/windows/client-management/mdm/policy-csp-start#start-startlayout)	| Configuration dependent	| 	No
-[WindowsLogon/DontDisplayNetworkSelectionUI](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-dontdisplaynetworkselectionui)	| 	&lt;Enabled/&gt;	| 	Yes
+| Setting | Value | System-wide |
+|--|--|--|
+| [Experience/AllowCortana](/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | 0 - Not allowed | Yes |
+| [Start/AllowPinnedFolderSettings](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldersettings) | 0 - Shortcut is hidden and disables the setting in the Settings app | Yes |
+| Start/HidePeopleBar | 1 - True (hide) | No |
+| [Start/HideChangeAccountSettings](/windows/client-management/mdm/policy-csp-start#start-hidechangeaccountsettings) | 1 - True (hide) | Yes |
+| [WindowsInkWorkspace/AllowWindowsInkWorkspace](/windows/client-management/mdm/policy-csp-windowsinkworkspace#windowsinkworkspace-allowwindowsinkworkspace) | 0 - Access to ink workspace is disabled and the feature is turned off | Yes |
+| [Start/StartLayout](/windows/client-management/mdm/policy-csp-start#start-startlayout) | Configuration dependent | No |
+| [WindowsLogon/DontDisplayNetworkSelectionUI](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-dontdisplaynetworkselectionui) | &lt;Enabled/&gt; | Yes |
diff --git a/windows/configuration/kiosk/kiosk-prepare.md b/windows/configuration/kiosk/kiosk-prepare.md
index f2ac235565..60c01e1e0a 100644
--- a/windows/configuration/kiosk/kiosk-prepare.md
+++ b/windows/configuration/kiosk/kiosk-prepare.md
@@ -1,282 +1,270 @@
 ---
 title: Prepare a device for kiosk configuration on Windows 10/11 | Microsoft Docs
 description: Learn how to prepare a device for kiosk configuration. Also, learn about the recommended kiosk configuration changes.
-ms.reviewer: sybruckm 
 
 ms.topic: article
 ms.date: 12/31/2017
---- 
+---
 
-# Prepare a device for kiosk configuration 
+# Prepare a device for kiosk configuration
 
-
-**Applies to** 
-
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
-
- 
-
-## Before you begin 
+## Before you begin
 
 - [User account control (UAC)](/windows/security/identity-protection/user-account-control/user-account-control-overview) must be turned on to enable kiosk mode.
 - Kiosk mode isn't supported over a remote desktop connection. Your kiosk users must sign in on the physical device that's set up as a kiosk.
-- For kiosks in public-facing environments with auto sign-in enabled, you should use a user account with the least privileges, such as a local standard user account. 
+- For kiosks in public-facing environments with auto sign-in enabled, you should use a user account with the least privileges, such as a local standard user account.
 
-  Assigned access can be configured using Windows Management Instrumentation (WMI) or configuration service provider (CSP). Assigned access runs an application using a domain user or service account, not a local account. Using a domain user or service accounts has risks, and might allow an attacker to gain access to domain resources that are accessible to any domain account. When using domain accounts with assigned access, proceed with caution. Consider the domain resources potentially exposed by using a domain account. 
+  Assigned access can be configured using Windows Management Instrumentation (WMI) or configuration service provider (CSP). Assigned access runs an application using a domain user or service account, not a local account. Using a domain user or service accounts has risks, and might allow an attacker to gain access to domain resources that are accessible to any domain account. When using domain accounts with assigned access, proceed with caution. Consider the domain resources potentially exposed by using a domain account.
 
-- MDM providers, such as [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), use the configuration service providers (CSP) exposed by the Windows OS to manage settings on devices. In this article, we mention these services. If you're not managing your devices using an MDM provider, the following resources may help you get started: 
+- MDM providers, such as [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), use the configuration service providers (CSP) exposed by the Windows OS to manage settings on devices. In this article, we mention these services. If you're not managing your devices using an MDM provider, the following resources may help you get started:
 
   - [Endpoint Management at Microsoft](/mem/endpoint-manager-getting-started)
   - [What is Microsoft Intune](/mem/intune/fundamentals/what-is-intune) and [Microsoft Intune planning guide](/mem/intune/fundamentals/intune-planning-guide)
-  - [What is Configuration Manager?](/mem/configmgr/core/understand/introduction) 
+  - [What is Configuration Manager?](/mem/configmgr/core/understand/introduction)
 
-## Configuration recommendations 
+## Configuration recommendations
 
-For a more secure kiosk experience, we recommend that you make the following configuration changes to the device before you configure it as a kiosk: 
+For a more secure kiosk experience, we recommend that you make the following configuration changes to the device before you configure it as a kiosk:
 
-- **Hide update notifications**. Starting with Windows 10 version 1809, you can hide notifications from showing on the devices. To enable this feature, you have the following options: 
+- **Hide update notifications**. Starting with Windows 10 version 1809, you can hide notifications from showing on the devices. To enable this feature, you have the following options:
 
-  - **Use Group policy**: `Computer Configuration\Administrative Templates\Windows Components\Windows Update\Display options for update notifications` 
+  - **Use Group policy**: `Computer Configuration\Administrative Templates\Windows Components\Windows Update\Display options for update notifications`
 
-  - **Use an MDM provider**: This feature uses the [Update/UpdateNotificationLevel CSP](/windows/client-management/mdm/policy-csp-update#update-updatenotificationlevel). In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature. 
+  - **Use an MDM provider**: This feature uses the [Update/UpdateNotificationLevel CSP](/windows/client-management/mdm/policy-csp-update#update-updatenotificationlevel). In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature.
 
-  - **Use the registry**: 
+  - **Use the registry**:
 
     1. Open Registry Editor (regedit).
     2. Go to `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate`.
     3. Create a **New** > **DWORD (32-bit) Value**. Enter `SetUpdateNotificationLevel`, and set its value to `1`.
-    4. Create a **New** > **DWORD (32-bit) Value**. Enter `UpdateNotificationLevel`. For value, you can enter: 
-
+    4. Create a **New** > **DWORD (32-bit) Value**. Enter `UpdateNotificationLevel`. For value, you can enter:
         - `1`: Hides all notifications except restart warnings.
-        - `2`: Hides all notifications, including restart warnings. 
+        - `2`: Hides all notifications, including restart warnings.
 
-- **Enable and schedule automatic updates**. To enable this feature, you have the following options: 
+- **Enable and schedule automatic updates**. To enable this feature, you have the following options:
 
   - **Use Group policy**: `Computer Configuration\Administrative Templates\Windows Components\Windows Update\Configure Automatic Updates`. Select `4 - Auto download and schedule the install`.
-  - **Use an MDM provider**: This feature uses the [Update/AllowAutoUpdate CSP](/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Select `3 - Auto install and restart at a specified time`. In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature. 
+  - **Use an MDM provider**: This feature uses the [Update/AllowAutoUpdate CSP](/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Select `3 - Auto install and restart at a specified time`. In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature.
 
-  You can also schedule automatic updates, including **Schedule Install Day**, **Schedule Install Time**, and **Schedule Install Week**. Installations can take between 30 minutes and 2 hours, depending on the device. Schedule updates to occur when a block of 3-4 hours is available. 
+  You can also schedule automatic updates, including **Schedule Install Day**, **Schedule Install Time**, and **Schedule Install Week**. Installations can take between 30 minutes and 2 hours, depending on the device. Schedule updates to occur when a block of 3-4 hours is available.
 
-- **Enable automatic restart at the scheduled time**. To enable this feature, you have the following options: 
+- **Enable automatic restart at the scheduled time**. To enable this feature, you have the following options:
 
-  - **Use Group policy**: `Computer Configuration\Administrative Templates\Windows Components\Windows Update\Always automatically restart at the scheduled time`. Select `4 - Auto download and schedule the install`. 
+  - **Use Group policy**: `Computer Configuration\Administrative Templates\Windows Components\Windows Update\Always automatically restart at the scheduled time`. Select `4 - Auto download and schedule the install`.
 
-  - **Use an MDM provider**: This feature uses the [Update/ActiveHoursStart](/windows/client-management/mdm/policy-csp-update#update-activehoursstart) and [Update/ActiveHoursEnd](/windows/client-management/mdm/policy-csp-update#update-activehoursend) CSPs. In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature. 
+  - **Use an MDM provider**: This feature uses the [Update/ActiveHoursStart](/windows/client-management/mdm/policy-csp-update#update-activehoursstart) and [Update/ActiveHoursEnd](/windows/client-management/mdm/policy-csp-update#update-activehoursend) CSPs. In Intune, you can use the [Windows update settings](/mem/intune/protect/windows-update-settings) to manage this feature.
 
-- **Replace "blue screen" with blank screen for OS errors**. To enable this feature, use the Registry Editor: 
+- **Replace "blue screen" with blank screen for OS errors**. To enable this feature, use the Registry Editor:
 
   1. Open Registry Editor (regedit).
   2. Go to `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl`.
-  3. Create a **New** > **DWORD (32-bit) Value**. Enter `DisplayDisabled`, and set its value to `1`. 
+  3. Create a **New** > **DWORD (32-bit) Value**. Enter `DisplayDisabled`, and set its value to `1`.
 
-- **Put device in "Tablet mode"**. If you want users to use the touch screen, without using a keyboard or mouse, then turn on tablet mode using the Settings app. If users won't interact with the kiosk, such as for a digital sign, then don't turn on this setting. 
+- **Put device in "Tablet mode"**. If you want users to use the touch screen, without using a keyboard or mouse, then turn on tablet mode using the Settings app. If users won't interact with the kiosk, such as for a digital sign, then don't turn on this setting.
 
-  Applies to Windows 10 only. Currently, Tablet mode isn't supported on Windows 11. 
+  Applies to Windows 10 only. Currently, Tablet mode isn't supported on Windows 11.
 
-  Your options: 
+  Your options:
 
   - Use the **Settings** app:
     1. Open the **Settings** app.
     2. Go to **System** > **Tablet mode**.
-    3. Configure the settings you want. 
+    3. Configure the settings you want.
 
   - Use the **Action Center**:
     1. On your device, swipe in from the left.
-    2. Select **Tablet mode**. 
+    2. Select **Tablet mode**.
 
-- **Hide "Ease of access" feature on the sign-in screen**: To enable this feature, you have the following options: 
+- **Hide "Ease of access" feature on the sign-in screen**: To enable this feature, you have the following options:
 
   - **Use an MDM provider**: In Intune, you can use the [Control Panel and Settings](/mem/intune/configuration/device-restrictions-windows-10#control-panel-and-settings) to manage this feature.
-  - **Use the registry**: For more information, see [how to disable the Ease of Access button in the registry](/windows-hardware/customize/enterprise/complementary-features-to-custom-logon#welcome-screen). 
+  - **Use the registry**: For more information, see [how to disable the Ease of Access button in the registry](/windows-hardware/customize/enterprise/complementary-features-to-custom-logon#welcome-screen).
 
-- **Disable the hardware power button**: To enable this feature, you have the following options: 
+- **Disable the hardware power button**: To enable this feature, you have the following options:
 
   - **Use the Settings app**:
     1. Open the **Settings** app.
     2. Go to **System** > **Power & Sleep** > **Additional power settings** > **Choose what the power button does**.
     3. Select **Do nothing**.
-    4. **Save changes**. 
+    4. **Save changes**.
 
-  - **Use Group Policy**: Your options: 
+  - **Use Group Policy**: Your options:
 
     - `Computer Configuration\Administrative Templates\System\Power Management\Button Settings`: Set `Select Power Button Action on Battery` and `Select Power Button Action on Plugged In` to **Take no action**.
     - `User Configuration\Administrative Templates\Start Menu and Taskbar\Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands`: This policy hides the buttons, but doesn't disable them.
-    - `Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Shut down the system`: Remove the users or groups from this policy. 
+    - `Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Shut down the system`: Remove the users or groups from this policy.
 
-      To prevent this policy from affecting a member of the Administrators group, be sure to keep the Administrators group. 
+      To prevent this policy from affecting a member of the Administrators group, be sure to keep the Administrators group.
 
-  - **Use an MDM provider**: In Intune, you have some options: 
+  - **Use an MDM provider**: In Intune, you have some options:
 
-    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings: 
+    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings:
 
       - `Power\Select Power Button Action on Battery`: Set to **Take no action**.
       - `Power\Select Power Button Action on Plugged In`: Set to **Take no action**.
-      - `Start\Hide Power Button`: Set to **Enabled**. This policy hides the button, but doesn't disable it. 
+      - `Start\Hide Power Button`: Set to **Enabled**. This policy hides the button, but doesn't disable it.
 
-    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following setting: 
+    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following setting:
 
-      - `\Start menu and Taskbar\Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands`: This policy hides the buttons, but doesn't disable them. 
+      - `\Start menu and Taskbar\Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands`: This policy hides the buttons, but doesn't disable them.
 
-      When looking at settings, check the supported OS for each setting to make sure it applies. 
+      When looking at settings, check the supported OS for each setting to make sure it applies.
 
-    - [Start settings in a device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#start): This option shows this setting, and all the Start menu settings you can manage. 
+    - [Start settings in a device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#start): This option shows this setting, and all the Start menu settings you can manage.
 
-- **Remove the power button from the sign-in screen**. To enable this feature, you have the following options: 
+- **Remove the power button from the sign-in screen**. To enable this feature, you have the following options:
 
-  - **Use Group Policy**: `Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Shutdown: Allow system to be shut down without having to log on`. Select **Disabled**. 
+  - **Use Group Policy**: `Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Shutdown: Allow system to be shut down without having to log on`. Select **Disabled**.
 
-  - **Use MDM**: In Intune, you have the following option: 
+  - **Use MDM**: In Intune, you have the following option:
 
-    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following setting: 
+    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following setting:
 
-      - `Local Policies Security Options\Shutdown Allow System To Be Shut Down Without Having To Log On`: Set to **Disabled**. 
+      - `Local Policies Security Options\Shutdown Allow System To Be Shut Down Without Having To Log On`: Set to **Disabled**.
 
-- **Disable the camera**: To enable this feature, you have the following options: 
+- **Disable the camera**: To enable this feature, you have the following options:
 
-  - **Use the Settings app**: 
+  - **Use the Settings app**:
 
     1. Open the **Settings** app.
     2. Go to **Privacy** > **Camera**.
-    3. Select **Allow apps use my camera** > **Off**. 
+    3. Select **Allow apps use my camera** > **Off**.
 
-  - **Use Group Policy**: `Computer Configuration\Administrative Templates\Windows Components\Camera: Allow use of camera`: Select **Disabled**. 
+  - **Use Group Policy**: `Computer Configuration\Administrative Templates\Windows Components\Camera: Allow use of camera`: Select **Disabled**.
 
-  - **Use an MDM provider**: This feature uses the [Policy CSP - Camera](/windows/client-management/mdm/policy-csp-camera). In Intune, you have the following options: 
+  - **Use an MDM provider**: This feature uses the [Policy CSP - Camera](/windows/client-management/mdm/policy-csp-camera). In Intune, you have the following options:
 
     - [General settings in a device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#general): This option shows this setting, and more settings you can manage.
-    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following setting: 
+    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following setting:
 
-      - `Camera\Allow camera`: Set to **Not allowed**. 
+      - `Camera\Allow camera`: Set to **Not allowed**.
 
-- **Turn off app notifications on the lock screen**: To enable this feature, you have the following options: 
+- **Turn off app notifications on the lock screen**: To enable this feature, you have the following options:
 
-  - **Use the Settings app**: 
+  - **Use the Settings app**:
 
     1. Open the **Settings** app.
     2. Go to **System** > **Notifications & actions**.
-    3. In **Show notifications on the lock screen**, select **Off**. 
+    3. In **Show notifications on the lock screen**, select **Off**.
 
   - **Use Group policy**:
     - `Computer Configuration\Administrative Templates\System\Logon\Turn off app notifications on the lock screen`: Select **Enabled**.
-    - `User Configuration\Administrative Templates\Start Menu and Taskbar\Notifications\Turn off toast notifications on the lock screen`: Select **Enabled**. 
+    - `User Configuration\Administrative Templates\Start Menu and Taskbar\Notifications\Turn off toast notifications on the lock screen`: Select **Enabled**.
 
-  - **Use an MDM provider**: This feature uses the [AboveLock/AllowToasts CSP](/windows/client-management/mdm/policy-csp-abovelock#abovelock-allowtoasts). In Intune, you have the following options: 
+  - **Use an MDM provider**: This feature uses the [AboveLock/AllowToasts CSP](/windows/client-management/mdm/policy-csp-abovelock#abovelock-allowtoasts). In Intune, you have the following options:
 
-    - [Locked screen experience device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#locked-screen-experience): See this setting, and more settings you can manage. 
+    - [Locked screen experience device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#locked-screen-experience): See this setting, and more settings you can manage.
 
-    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following settings: 
+    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following settings:
 
       - `\Start Menu and Taskbar\Notifications\Turn off toast notifications on the lock screen`: Select **Enabled**.
-      - `\System\Logon\Turn off app notifications on the lock screen`: Select **Enabled**. 
+      - `\System\Logon\Turn off app notifications on the lock screen`: Select **Enabled**.
 
-      When looking at settings, check the supported OS for each setting to make sure it applies. 
+      When looking at settings, check the supported OS for each setting to make sure it applies.
 
-    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings: 
+    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings:
 
       - `\Start Menu and Taskbar\Notifications\Turn off toast notifications on the lock screen`: Select **Enabled**.
-      - `\System\Logon\Turn off app notifications on the lock screen`: Select **Enabled**. 
+      - `\System\Logon\Turn off app notifications on the lock screen`: Select **Enabled**.
 
-- **Disable removable media**:  To enable this feature, you have the following options: 
+- **Disable removable media**:  To enable this feature, you have the following options:
 
-  - **Use Group policy**: `Computer Configuration\Administrative Templates\System\Device Installation\Device Installation Restrictions`. Review the available settings that apply to your situation. 
+  - **Use Group policy**: `Computer Configuration\Administrative Templates\System\Device Installation\Device Installation Restrictions`. Review the available settings that apply to your situation.
 
-    To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**. 
+    To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**.
 
-  - **Use an MDM provider**: In Intune, you have the following options: 
+  - **Use an MDM provider**: In Intune, you have the following options:
 
-    - [General settings in a device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#general): See the **Removable storage** setting, and more settings you can manage. 
+    - [General settings in a device configuration profile](/mem/intune/configuration/device-restrictions-windows-10#general): See the **Removable storage** setting, and more settings you can manage.
 
-    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following settings: 
+    - [Administrative templates](/mem/intune/configuration/administrative-templates-windows): These templates are the administrative templates used in on-premises Group Policy. Configure the following settings:
 
-      - `\System\Device Installation`: There are several policies you can manage, including restrictions in `\System\Device Installation\Device Installation Restrictions`. 
+      - `\System\Device Installation`: There are several policies you can manage, including restrictions in `\System\Device Installation\Device Installation Restrictions`.
 
-        To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**. 
+        To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**.
 
-      When looking at settings, check the supported OS for each setting to make sure it applies. 
+      When looking at settings, check the supported OS for each setting to make sure it applies.
 
-    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings: 
+    - [Settings Catalog](/mem/intune/configuration/settings-catalog): This option lists all the settings you can configure, including the administrative templates used in on-premises Group Policy. Configure the following settings:
 
-      - `\Administrative Templates\System\Device Installation`: There are several policies you can manage, including restrictions in `\System\Device Installation\Device Installation Restrictions`.  
+      - `\Administrative Templates\System\Device Installation`: There are several policies you can manage, including restrictions in `\System\Device Installation\Device Installation Restrictions`.
 
-        To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**. 
+        To prevent this policy from affecting a member of the Administrators group, select `Allow administrators to override Device Installation Restriction policies` > **Enabled**.
 
-## Enable logging 
+## Enable logging
 
-Logs can help you [troubleshoot issues](/troubleshoot/windows-client/shell-experience/kiosk-mode-issues-troubleshooting) kiosk issues. Logs about configuration and runtime issues can be obtained by enabling the **Applications and Services Logs\Microsoft\Windows\AssignedAccess\Operational** channel, which is disabled by default. 
+Logs can help you [troubleshoot issues](/troubleshoot/windows-client/shell-experience/kiosk-mode-issues-troubleshooting) kiosk issues. Logs about configuration and runtime issues can be obtained by enabling the **Applications and Services Logs\Microsoft\Windows\AssignedAccess\Operational** channel, which is disabled by default.
 
-:::image type="content" source="images/enable-assigned-access-log.png" alt-text="On Windows client, open Event Viewer, right-click Operational, select enable log to turn on logging to help troubleshoot."::: 
+:::image type="content" source="images/enable-assigned-access-log.png" alt-text="On Windows client, open Event Viewer, right-click Operational, select enable log to turn on logging to help troubleshoot.":::
 
-## Automatic logon 
+## Automatic logon
 
-You may also want to set up **automatic logon** for your kiosk device. When your kiosk device restarts, from an update or power outage, you can sign in the assigned access account manually. Or, you can configure the device to sign in to the assigned access account automatically. Make sure that Group Policy settings applied to the device don't prevent automatic sign in. 
+You may also want to set up **automatic logon** for your kiosk device. When your kiosk device restarts, from an update or power outage, you can sign in the assigned access account manually. Or, you can configure the device to sign in to the assigned access account automatically. Make sure that Group Policy settings applied to the device don't prevent automatic sign in.
 
 > [!NOTE]
-> If you are using a Windows client device restriction CSP to set "Preferred Microsoft Entra tenant domain", this will break the "User logon type" auto-login feature of the Kiosk profile. 
+> If you are using a Windows client device restriction CSP to set "Preferred Microsoft Entra tenant domain", this will break the "User logon type" auto-login feature of the Kiosk profile.
 
 > [!TIP]
-> If you use the [kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) or [XML in a provisioning package](lock-down-windows-10-to-specific-apps.md) to configure your kiosk, you can set an account to sign in automatically in the wizard or XML.  
+> If you use the [kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) or [XML in a provisioning package](lock-down-windows-10-to-specific-apps.md) to configure your kiosk, you can set an account to sign in automatically in the wizard or XML.
 
 
-**How to edit the registry to have an account sign in automatically** 
+**How to edit the registry to have an account sign in automatically**
 
-1. Open Registry Editor (regedit.exe). 
+1. Open Registry Editor (regedit.exe).
 
    > [!NOTE]
    > If you are not familiar with Registry Editor, [learn how to modify the Windows registry](/troubleshoot/windows-server/performance/windows-registry-advanced-users).
-  
 
- 
 
-2. Go to 
 
-   **HKEY\_LOCAL\_MACHINE\SOFTWARE\\Microsoft\Windows NT\CurrentVersion\Winlogon** 
 
-3. Set the values for the following keys. 
+2. Go to
 
-   - *AutoAdminLogon*: set value as **1**. 
+   **HKEY\_LOCAL\_MACHINE\SOFTWARE\\Microsoft\Windows NT\CurrentVersion\Winlogon**
 
-   - *DefaultUserName*: set value as the account that you want signed in. 
+3. Set the values for the following keys.
 
-   - *DefaultPassword*: set value as the password for the account. 
+   - *AutoAdminLogon*: set value as **1**.
+
+   - *DefaultUserName*: set value as the account that you want signed in.
+
+   - *DefaultPassword*: set value as the password for the account.
 
      > [!NOTE]
-     > If *DefaultUserName* and *DefaultPassword* aren't there, add them as **New** > **String Value**. 
+     > If *DefaultUserName* and *DefaultPassword* aren't there, add them as **New** > **String Value**.
 
-   - *DefaultDomainName*: set value for domain, only for domain accounts. For local accounts, don't add this key. 
+   - *DefaultDomainName*: set value for domain, only for domain accounts. For local accounts, don't add this key.
 
-4. Close Registry Editor. The next time the computer restarts, the account will sign in automatically. 
+4. Close Registry Editor. The next time the computer restarts, the account will sign in automatically.
 
 > [!TIP]
-> You can also configure automatic sign-in [using the Autologon tool from Sysinternals](/sysinternals/downloads/autologon). 
+> You can also configure automatic sign-in [using the Autologon tool from Sysinternals](/sysinternals/downloads/autologon).
 
 > [!NOTE]
-> If you are also using [Custom Logon](/windows-hardware/customize/enterprise/custom-logon) with **HideAutoLogonUI** enabled, you might experience a black screen after a password expires. We recommend that you consider [setting the password to never expire](/windows-hardware/customize/enterprise/troubleshooting-custom-logon#the-device-displays-a-black-screen-when-a-password-expiration-screen-is-displayed). 
+> If you are also using [Custom Logon](/windows-hardware/customize/enterprise/custom-logon) with **HideAutoLogonUI** enabled, you might experience a black screen after a password expires. We recommend that you consider [setting the password to never expire](/windows-hardware/customize/enterprise/troubleshooting-custom-logon#the-device-displays-a-black-screen-when-a-password-expiration-screen-is-displayed).
 
-## Interactions and interoperability 
+## Interactions and interoperability
 
-The following table describes some features that have interoperability issues we recommend that you consider when running assigned access. 
+The following table describes some features that have interoperability issues we recommend that you consider when running assigned access.
 
-- **Accessibility**: Assigned access doesn't change Ease of Access settings. We recommend that you use [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) to block the following key combinations that bring up accessibility features: 
+- **Accessibility**: Assigned access doesn't change Ease of Access settings. We recommend that you use [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) to block the following key combinations that bring up accessibility features:
 
   | Key combination | Blocked behavior |
-  | --- | --- | 
-
+  | --- | --- |
   | Left Alt + Left Shift + Print Screen | Open High Contrast dialog box. |
   | Left Alt + Left Shift + Num Lock | Open Mouse Keys dialog box. |
-  | Windows logo key + U | Open Ease of Access Center. |  
+  | Windows logo key + U | Open Ease of Access Center. |
 
-- **Assigned access Windows PowerShell cmdlets**: In addition to using the Windows UI, you can use the Windows PowerShell cmdlets to set or clear assigned access. For more information, see [Assigned access Windows PowerShell reference](/powershell/module/assignedaccess/) 
+- **Assigned access Windows PowerShell cmdlets**: In addition to using the Windows UI, you can use the Windows PowerShell cmdlets to set or clear assigned access. For more information, see [Assigned access Windows PowerShell reference](/powershell/module/assignedaccess/)
 
-- **Key sequences blocked by assigned access**: When in assigned access, some key combinations are blocked for assigned access users. 
+- **Key sequences blocked by assigned access**: When in assigned access, some key combinations are blocked for assigned access users.
 
-  Alt + F4, Alt + Shift + Tab, Alt + Tab aren't blocked by Assigned Access, it's recommended you use [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) to block these key combinations. 
+  Alt + F4, Alt + Shift + Tab, Alt + Tab aren't blocked by Assigned Access, it's recommended you use [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) to block these key combinations.
 
-  Ctrl + Alt + Delete is the key to break out of Assigned Access. If needed, you can use Keyboard Filter to configure a different key combination to break out of assigned access by setting BreakoutKeyScanCode as described in [WEKF_Settings](/windows-hardware/customize/enterprise/wekf-settings). 
+  Ctrl + Alt + Delete is the key to break out of Assigned Access. If needed, you can use Keyboard Filter to configure a different key combination to break out of assigned access by setting BreakoutKeyScanCode as described in [WEKF_Settings](/windows-hardware/customize/enterprise/wekf-settings).
 
   | Key combination | Blocked behavior for assigned access users |
-  | --- | --- | 
-
+  | --- | --- |
   | Alt + Esc | Cycle through items in the reverse order from which they were opened. |
   | Ctrl + Alt + Esc | Cycle through items in the reverse order from which they were opened. |
   | Ctrl + Esc | Open the Start screen. |
@@ -286,40 +274,40 @@ The following table describes some features that have interoperability issues we
   | LaunchApp1 | Open the app that is assigned to this key. |
   | LaunchApp2 | Open the app that is assigned to this key. On many Microsoft keyboards, the app is Calculator. |
   | LaunchMail | Open the default mail client. |
-  | Windows logo key | Open the Start screen. | 
+  | Windows logo key | Open the Start screen. |
 
-  Keyboard Filter settings apply to other standard accounts. 
+  Keyboard Filter settings apply to other standard accounts.
 
-- **Key sequences blocked by [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter)**: If Keyboard Filter is turned ON, then some key combinations are blocked automatically without you having to explicitly block them. For more information, see the [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter). 
+- **Key sequences blocked by [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter)**: If Keyboard Filter is turned ON, then some key combinations are blocked automatically without you having to explicitly block them. For more information, see the [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter).
 
-  [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) is only available on Windows client Enterprise or Education. 
+  [Keyboard Filter](/windows-hardware/customize/enterprise/keyboardfilter) is only available on Windows client Enterprise or Education.
 
-- **Power button**: Customizations for the Power button complement assigned access, letting you implement features such as removing the power button from the Welcome screen. Removing the power button ensures the user can't turn off the device when it's in assigned access. 
+- **Power button**: Customizations for the Power button complement assigned access, letting you implement features such as removing the power button from the Welcome screen. Removing the power button ensures the user can't turn off the device when it's in assigned access.
 
-  For more information on removing the power button or disabling the physical power button, see [Custom Logon](/windows-hardware/customize/enterprise/custom-logon). 
+  For more information on removing the power button or disabling the physical power button, see [Custom Logon](/windows-hardware/customize/enterprise/custom-logon).
 
-- **Unified Write Filter (UWF)**: UWFsettings apply to all users, including users with assigned access. 
+- **Unified Write Filter (UWF)**: UWFsettings apply to all users, including users with assigned access.
 
-  For more information, see [Unified Write Filter](/windows-hardware/customize/enterprise/unified-write-filter). 
+  For more information, see [Unified Write Filter](/windows-hardware/customize/enterprise/unified-write-filter).
 
-- **WEDL_AssignedAccess class**: You can use this class to configure and manage basic lockdown features for assigned access. It's recommended to you use the Windows PowerShell cmdlets instead. 
+- **WEDL_AssignedAccess class**: You can use this class to configure and manage basic lockdown features for assigned access. It's recommended to you use the Windows PowerShell cmdlets instead.
 
-  If you need to use assigned access API, see [WEDL_AssignedAccess](/windows-hardware/customize/enterprise/wedl-assignedaccess). 
+  If you need to use assigned access API, see [WEDL_AssignedAccess](/windows-hardware/customize/enterprise/wedl-assignedaccess).
 
-- **Welcome Screen**: Customizations for the Welcome screen let you personalize not only how the Welcome screen looks, but for how it functions. You can disable the power or language button, or remove all user interface elements. There are many options to make the Welcome screen your own. 
+- **Welcome Screen**: Customizations for the Welcome screen let you personalize not only how the Welcome screen looks, but for how it functions. You can disable the power or language button, or remove all user interface elements. There are many options to make the Welcome screen your own.
 
-  For more information, see [Custom Logon](/windows-hardware/customize/enterprise/custom-logon). 
+  For more information, see [Custom Logon](/windows-hardware/customize/enterprise/custom-logon).
 
-## Testing your kiosk in a virtual machine (VM) 
+## Testing your kiosk in a virtual machine (VM)
 
-Customers sometimes use virtual machines (VMs) to test configurations before deploying those configurations to physical devices. If you use a VM to test your single-app kiosk configuration, you need to know how to connect to the VM properly. 
+Customers sometimes use virtual machines (VMs) to test configurations before deploying those configurations to physical devices. If you use a VM to test your single-app kiosk configuration, you need to know how to connect to the VM properly.
 
-A single-app kiosk configuration runs an app above the lock screen. It doesn't work when it's accessed remotely, which includes *enhanced* sessions in Hyper-V.  
+A single-app kiosk configuration runs an app above the lock screen. It doesn't work when it's accessed remotely, which includes *enhanced* sessions in Hyper-V.
 
-When you connect to a VM configured as a single-app kiosk, you need a *basic* session rather than an enhanced session. In the following image, notice that **Enhanced session** isn't selected in the **View** menu; that means it's a basic session. 
+When you connect to a VM configured as a single-app kiosk, you need a *basic* session rather than an enhanced session. In the following image, notice that **Enhanced session** isn't selected in the **View** menu; that means it's a basic session.
 
-:::image type="content" source="images/vm-kiosk.png" alt-text="Use a basic session to connect a virtual machine. In the View menu, Extended session isn't selected, which means basic is used."::: 
+:::image type="content" source="images/vm-kiosk.png" alt-text="Use a basic session to connect a virtual machine. In the View menu, Extended session isn't selected, which means basic is used.":::
 
-To connect to a VM in a basic session, don't select **Connect** in the connection dialog, as shown in the following image, but instead, select the **X** button in the upper-right corner to cancel the dialog: 
+To connect to a VM in a basic session, don't select **Connect** in the connection dialog, as shown in the following image, but instead, select the **X** button in the upper-right corner to cancel the dialog:
 
 :::image type="content" source="images/vm-kiosk-connect.png" alt-text="Don't select the connect button. Use the close X in the top corner to connect to a VM in basic session.":::
diff --git a/windows/configuration/kiosk/kiosk-shelllauncher.md b/windows/configuration/kiosk/kiosk-shelllauncher.md
index f6442775cf..514fbdb84e 100644
--- a/windows/configuration/kiosk/kiosk-shelllauncher.md
+++ b/windows/configuration/kiosk/kiosk-shelllauncher.md
@@ -1,105 +1,99 @@
 ---
 title: Use Shell Launcher to create a Windows 10/11 kiosk (Windows 10/11)
 description: Shell Launcher lets you change the default shell that launches when a user signs in to a device.
-ms.reviewer: sybruckm 
 
 ms.topic: article
 ms.date: 12/31/2017
---- 
+---
 
-# Use Shell Launcher to create a Windows client kiosk 
+# Use Shell Launcher to create a Windows client kiosk
 
-
-**Applies to**
-- Windows 10 Ent, Edu
-- Windows 11 
-
-Using Shell Launcher, you can configure a device that runs an application as the user interface, replacing the default shell (explorer.exe). In **Shell Launcher v1**, available in Windows client, you can only specify a Windows desktop application as the replacement shell. In **Shell Launcher v2**, available in Windows 10 version 1809+ / Windows 11, you can also specify a UWP app as the replacement shell. To use **Shell Launcher v2** in Windows 10 version 1809, you need to install the [KB4551853](https://support.microsoft.com/help/4551853) update.  
+Using Shell Launcher, you can configure a device that runs an application as the user interface, replacing the default shell (explorer.exe). In **Shell Launcher v1**, available in Windows client, you can only specify a Windows desktop application as the replacement shell. In **Shell Launcher v2**, available in Windows 10 version 1809+ / Windows 11, you can also specify a UWP app as the replacement shell. To use **Shell Launcher v2** in Windows 10 version 1809, you need to install the [KB4551853](https://support.microsoft.com/help/4551853) update.
 
 >[!NOTE]
->Shell Launcher controls which application the user sees as the shell after sign-in. It does not prevent the user from accessing other desktop applications and system components. 
+>Shell Launcher controls which application the user sees as the shell after sign-in. It does not prevent the user from accessing other desktop applications and system components.
 
 >
 >Methods of controlling access to other desktop applications and system components can be used in addition to using the Shell Launcher. These methods include, but are not limited to:
 >- [Group Policy](https://www.microsoft.com/download/details.aspx?id=25250) - example: Prevent access to registry editing tools
 >- [AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview) - Application control policies
->- [Mobile Device Management](/windows/client-management/mdm) - Enterprise management of device security policies 
+>- [Mobile Device Management](/windows/client-management/mdm) - Enterprise management of device security policies
 
-You can apply a custom shell through Shell Launcher [by using PowerShell](#configure-a-custom-shell-using-powershell). Starting with Windows 10 version 1803+, you can also [use mobile device management (MDM)](#configure-a-custom-shell-in-mdm) to apply a custom shell through Shell Launcher. 
+You can apply a custom shell through Shell Launcher [by using PowerShell](#configure-a-custom-shell-using-powershell). Starting with Windows 10 version 1803+, you can also [use mobile device management (MDM)](#configure-a-custom-shell-in-mdm) to apply a custom shell through Shell Launcher.
 
 
-## Differences between Shell Launcher v1 and Shell Launcher v2 
+## Differences between Shell Launcher v1 and Shell Launcher v2
 
-Shell Launcher v1 replaces `explorer.exe`, the default shell, with `eshell.exe` which can launch a Windows desktop application. 
+Shell Launcher v1 replaces `explorer.exe`, the default shell, with `eshell.exe` which can launch a Windows desktop application.
 
-Shell Launcher v2 replaces `explorer.exe` with `customshellhost.exe`. This new executable file can launch a Windows desktop application or a UWP app. 
+Shell Launcher v2 replaces `explorer.exe` with `customshellhost.exe`. This new executable file can launch a Windows desktop application or a UWP app.
 
 In addition to allowing you to use a UWP app for your replacement shell, Shell Launcher v2 offers additional enhancements:
 - You can use a custom Windows desktop application that can then launch UWP apps, such as **Settings** and **Touch Keyboard**.
 - From a custom UWP shell, you can launch secondary views and run on multiple monitors.
-- The custom shell app runs in full screen, and can run other apps in full screen on user’s demand. 
+- The custom shell app runs in full screen, and can run other apps in full screen on user's demand.
 
-For sample XML configurations for the different app combinations, see [Samples for Shell Launcher v2](https://github.com/Microsoft/Windows-iotcore-samples/tree/develop/Samples/ShellLauncherV2). 
+For sample XML configurations for the different app combinations, see [Samples for Shell Launcher v2](https://github.com/Microsoft/Windows-iotcore-samples/tree/develop/Samples/ShellLauncherV2).
 
-## Requirements 
+## Requirements
 
 >[!WARNING]
->- Windows 10 doesn’t support setting a custom shell prior to OOBE. If you do, you won’t be able to deploy the resulting image.
+>- Windows 10 doesn't support setting a custom shell prior to OOBE. If you do, you won't be able to deploy the resulting image.
 >
->- Shell Launcher doesn't support a custom shell with an application that launches a different process and exits. For example, you cannot specify **write.exe** in Shell Launcher. Shell Launcher launches a custom shell and monitors the process to identify when the custom shell exits. **Write.exe** creates a 32-bit wordpad.exe process and exits. Because Shell Launcher is not aware of the newly created wordpad.exe process, Shell Launcher will take action based on the exit code of **Write.exe**, such as restarting the custom shell.  
+>- Shell Launcher doesn't support a custom shell with an application that launches a different process and exits. For example, you cannot specify **write.exe** in Shell Launcher. Shell Launcher launches a custom shell and monitors the process to identify when the custom shell exits. **Write.exe** creates a 32-bit wordpad.exe process and exits. Because Shell Launcher is not aware of the newly created wordpad.exe process, Shell Launcher will take action based on the exit code of **Write.exe**, such as restarting the custom shell.
 
-- A domain, Microsoft Entra ID, or local user account. 
+- A domain, Microsoft Entra ID, or local user account.
 
-- A Windows application that is installed for that account. The app can be your own company application or a common app like Internet Explorer. 
+- A Windows application that is installed for that account. The app can be your own company application or a common app like Internet Explorer.
 
-[See the technical reference for the shell launcher component.](/windows-hardware/customize/enterprise/shell-launcher) 
+[See the technical reference for the shell launcher component.](/windows-hardware/customize/enterprise/shell-launcher)
 
-## Enable Shell Launcher feature 
+## Enable Shell Launcher feature
 
-To set a custom shell, you first turn on the Shell Launcher feature, and then you can set your custom shell as the default using PowerShell or MDM. 
+To set a custom shell, you first turn on the Shell Launcher feature, and then you can set your custom shell as the default using PowerShell or MDM.
 
-**To turn on Shell Launcher in Windows features** 
+**To turn on Shell Launcher in Windows features**
 
-1. Go to Control Panel &gt; **Programs and features** &gt; **Turn Windows features on or off**. 
+1. Go to Control Panel &gt; **Programs and features** &gt; **Turn Windows features on or off**.
 
-2. Expand **Device Lockdown**. 
+2. Expand **Device Lockdown**.
 
-2. Select **Shell Launcher** and **OK**. 
+2. Select **Shell Launcher** and **OK**.
 
-Alternatively, you can turn on Shell Launcher using Windows Configuration Designer in a provisioning package, using `SMISettings > ShellLauncher`, or you can use the Deployment Image Servicing and Management (DISM.exe) tool. 
+Alternatively, you can turn on Shell Launcher using Windows Configuration Designer in a provisioning package, using `SMISettings > ShellLauncher`, or you can use the Deployment Image Servicing and Management (DISM.exe) tool.
 
-**To turn on Shell Launcher using DISM** 
+**To turn on Shell Launcher using DISM**
 
 1.  Open a command prompt as an administrator.
-2.  Enter the following command. 
+2.  Enter the following command.
 
     ```
     Dism /online /Enable-Feature /all /FeatureName:Client-EmbeddedShellLauncher
-    ``` 
+    ```
 
 
-## Configure a custom shell in MDM 
+## Configure a custom shell in MDM
 
-You can use XML and a [custom OMA-URI setting](#custom-oma-uri-setting) to configure Shell Launcher in MDM. 
+You can use XML and a [custom OMA-URI setting](#custom-oma-uri-setting) to configure Shell Launcher in MDM.
 
-### XML for Shell Launcher configuration 
+### XML for Shell Launcher configuration
 
-The following XML sample works for **Shell Launcher v1**: 
+The following XML sample works for **Shell Launcher v1**:
 
 ```xml
-<?xml version="1.0" encoding="utf-8"?> 
+<?xml version="1.0" encoding="utf-8"?>
 
-<ShellLauncherConfiguration xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration"> 
+<ShellLauncherConfiguration xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration">
 
-  <Profiles> 
+  <Profiles>
 
-    <Profile ID="{24A7309204F3F-44CC-8375-53F13FE213F7}"> 
+    <Profile ID="{24A7309204F3F-44CC-8375-53F13FE213F7}">
 
-      <Shell Shell="%ProgramFiles%\Internet Explorer\iexplore.exe -k www.bing.com" /> 
+      <Shell Shell="%ProgramFiles%\Internet Explorer\iexplore.exe -k www.bing.com" />
 
-    </Profile> 
+    </Profile>
 
-  </Profiles> 
+  </Profiles>
 
   <Configs>
     <!--local account-->
@@ -107,58 +101,58 @@ The following XML sample works for **Shell Launcher v1**:
     <Profile ID="{24A7309204F3F-44CC-8375-53F13FE213F7}"/>
   </Configs>
 </ShellLauncherConfiguration>
-```  
+```
 
-For **Shell Launcher v2**, you can use UWP app type for `Shell` by specifying the v2 namespace, and use `v2:AppType` to specify the type, as shown in the following example. If `v2:AppType` is not specified, it implies the shell is Win32 app. 
+For **Shell Launcher v2**, you can use UWP app type for `Shell` by specifying the v2 namespace, and use `v2:AppType` to specify the type, as shown in the following example. If `v2:AppType` is not specified, it implies the shell is Win32 app.
 
 ```xml
-<?xml version="1.0" encoding="utf-8"?> 
+<?xml version="1.0" encoding="utf-8"?>
 
-<ShellLauncherConfiguration xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration" 
+<ShellLauncherConfiguration xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration"
 
-xmlns:v2="http://schemas.microsoft.com/ShellLauncher/2019/Configuration"> 
+xmlns:v2="http://schemas.microsoft.com/ShellLauncher/2019/Configuration">
 
-  <Profiles> 
+  <Profiles>
 
-    <DefaultProfile> 
+    <DefaultProfile>
 
-      <Shell Shell="ShellLauncherV2DemoUwp_5d7tap497jwe8!App" v2:AppType="UWP" v2:AllAppsFullScreen="true"> 
+      <Shell Shell="ShellLauncherV2DemoUwp_5d7tap497jwe8!App" v2:AppType="UWP" v2:AllAppsFullScreen="true">
 
-        <DefaultAction Action="RestartShell"/> 
+        <DefaultAction Action="RestartShell"/>
 
-      </Shell> 
+      </Shell>
 
-    </DefaultProfile> 
+    </DefaultProfile>
 
-  </Profiles> 
+  </Profiles>
 
-  <Configs/> 
+  <Configs/>
 
 </ShellLauncherConfiguration>
-```  
+```
 
 >[!TIP]
->In the XML for Shell Launcher v2, note the **AllAppsFullScreen** attribute. When set to **True**, Shell Launcher will run every app in full screen, or maximized for desktop apps. When this attribute is set to **False** or not set, only the custom shell app runs in full screen; other apps launched by the user will run in windowed mode. 
+>In the XML for Shell Launcher v2, note the **AllAppsFullScreen** attribute. When set to **True**, Shell Launcher will run every app in full screen, or maximized for desktop apps. When this attribute is set to **False** or not set, only the custom shell app runs in full screen; other apps launched by the user will run in windowed mode.
 
-[Get XML examples for different Shell Launcher v2 configurations.](https://github.com/Microsoft/Windows-iotcore-samples/tree/develop/Samples/ShellLauncherV2) 
+[Get XML examples for different Shell Launcher v2 configurations.](https://github.com/Microsoft/Windows-iotcore-samples/tree/develop/Samples/ShellLauncherV2)
 
-### Custom OMA-URI setting 
+### Custom OMA-URI setting
 
-In your MDM service, you can create a [custom OMA-URI setting](/intune/custom-settings-windows-10) to configure Shell Launcher v1 or v2. (The [XML](#xml-for-shell-launcher-configuration) that you use for your setting will determine whether you apply Shell Launcher v1 or v2.) 
+In your MDM service, you can create a [custom OMA-URI setting](/intune/custom-settings-windows-10) to configure Shell Launcher v1 or v2. (The [XML](#xml-for-shell-launcher-configuration) that you use for your setting will determine whether you apply Shell Launcher v1 or v2.)
 
-The OMA-URI path is `./Device/Vendor/MSFT/AssignedAccess/ShellLauncher`. 
+The OMA-URI path is `./Device/Vendor/MSFT/AssignedAccess/ShellLauncher`.
 
-For the value, you can select data type `String` and paste the desired configuration file content into the value box. If you wish to upload the xml instead of pasting the content, choose data type `String (XML file)`.  
+For the value, you can select data type `String` and paste the desired configuration file content into the value box. If you wish to upload the xml instead of pasting the content, choose data type `String (XML file)`.
 
-![Screenshot of custom OMA-URI settings.](images/slv2-oma-uri.png) 
+![Screenshot of custom OMA-URI settings.](images/slv2-oma-uri.png)
 
-After you configure the profile containing the custom Shell Launcher setting, select **All Devices** or selected groups of devices to apply the profile to. Don't assign the profile to users or user groups. 
+After you configure the profile containing the custom Shell Launcher setting, select **All Devices** or selected groups of devices to apply the profile to. Don't assign the profile to users or user groups.
 
-## Configure a custom shell using PowerShell  
+## Configure a custom shell using PowerShell
 
-For scripts for Shell Launcher v2, see [Shell Launcher v2 Bridge WMI sample scripts](https://github.com/Microsoft/Windows-iotcore-samples/blob/develop/Samples/ShellLauncherV2/SampleBridgeWmiScripts/README.md). 
+For scripts for Shell Launcher v2, see [Shell Launcher v2 Bridge WMI sample scripts](https://github.com/Microsoft/Windows-iotcore-samples/blob/develop/Samples/ShellLauncherV2/SampleBridgeWmiScripts/README.md).
 
-For Shell Launcher v1, modify the following PowerShell script as appropriate. The comments in the sample script explain the purpose of each section and tell you where you will want to change the script for your purposes. Save your script with the extension .ps1, open Windows PowerShell as administrator, and run the script on the kiosk device. 
+For Shell Launcher v1, modify the following PowerShell script as appropriate. The comments in the sample script explain the purpose of each section and tell you where you will want to change the script for your purposes. Save your script with the extension .ps1, open Windows PowerShell as administrator, and run the script on the kiosk device.
 
 ```powershell
 # Check if shell launcher license is enabled
@@ -166,39 +160,39 @@ function Check-ShellLauncherLicenseEnabled
 {
     [string]$source = @"
 using System;
-using System.Runtime.InteropServices; 
+using System.Runtime.InteropServices;
 
 static class CheckShellLauncherLicense
 {
-    const int S_OK = 0; 
+    const int S_OK = 0;
 
     public static bool IsShellLauncherLicenseEnabled()
     {
-        int enabled = 0; 
+        int enabled = 0;
 
         if (NativeMethods.SLGetWindowsInformationDWORD("EmbeddedFeature-ShellLauncher-Enabled", out enabled) != S_OK) {
             enabled = 0;
         }
-        
+
 
         return (enabled != 0);
-    } 
+    }
 
     static class NativeMethods
     {
         [DllImport("Slc.dll")]
         internal static extern int SLGetWindowsInformationDWORD([MarshalAs(UnmanagedType.LPWStr)]string valueName, out int value);
-    } 
+    }
 
 }
-"@ 
+"@
 
-    $type = Add-Type -TypeDefinition $source -PassThru 
+    $type = Add-Type -TypeDefinition $source -PassThru
 
     return $type[0]::IsShellLauncherLicenseEnabled()
-} 
+}
 
-[bool]$result = $false 
+[bool]$result = $false
 
 $result = Check-ShellLauncherLicenseEnabled
 "`nShell Launcher license enabled is set to " + $result
@@ -206,107 +200,107 @@ if (-not($result))
 {
     "`nThis device doesn't have required license to use Shell Launcher"
     exit
-} 
+}
 
 $COMPUTER = "localhost"
-$NAMESPACE = "root\standardcimv2\embedded" 
+$NAMESPACE = "root\standardcimv2\embedded"
 
 # Create a handle to the class instance so we can call the static methods.
 try {
     $ShellLauncherClass = [wmiclass]"\\$COMPUTER\${NAMESPACE}:WESL_UserSetting"
     } catch [Exception] {
-    write-host $_.Exception.Message; 
+    write-host $_.Exception.Message;
 
     write-host "Make sure Shell Launcher feature is enabled"
     exit
-    } 
+    }
 
 
-# This well-known security identifier (SID) corresponds to the BUILTIN\Administrators group. 
+# This well-known security identifier (SID) corresponds to the BUILTIN\Administrators group.
 
-$Admins_SID = "S-1-5-32-544" 
+$Admins_SID = "S-1-5-32-544"
 
-# Create a function to retrieve the SID for a user account on a machine. 
+# Create a function to retrieve the SID for a user account on a machine.
 
-function Get-UsernameSID($AccountName) { 
+function Get-UsernameSID($AccountName) {
 
     $NTUserObject = New-Object System.Security.Principal.NTAccount($AccountName)
-    $NTUserSID = $NTUserObject.Translate([System.Security.Principal.SecurityIdentifier]) 
+    $NTUserSID = $NTUserObject.Translate([System.Security.Principal.SecurityIdentifier])
 
     return $NTUserSID.Value
-    
 
-} 
 
-# Get the SID for a user account named "Cashier". Rename "Cashier" to an existing account on your system to test this script. 
+}
 
-$Cashier_SID = Get-UsernameSID("Cashier") 
+# Get the SID for a user account named "Cashier". Rename "Cashier" to an existing account on your system to test this script.
 
-# Define actions to take when the shell program exits. 
+$Cashier_SID = Get-UsernameSID("Cashier")
+
+# Define actions to take when the shell program exits.
 
 $restart_shell = 0
 $restart_device = 1
-$shutdown_device = 2 
+$shutdown_device = 2
 
-# Examples. You can change these examples to use the program that you want to use as the shell. 
+# Examples. You can change these examples to use the program that you want to use as the shell.
 
-# This example sets the command prompt as the default shell, and restarts the device if the command prompt is closed.  
+# This example sets the command prompt as the default shell, and restarts the device if the command prompt is closed.
 
-$ShellLauncherClass.SetDefaultShell("cmd.exe", $restart_device) 
+$ShellLauncherClass.SetDefaultShell("cmd.exe", $restart_device)
 
-# Display the default shell to verify that it was added correctly. 
+# Display the default shell to verify that it was added correctly.
 
-$DefaultShellObject = $ShellLauncherClass.GetDefaultShell() 
+$DefaultShellObject = $ShellLauncherClass.GetDefaultShell()
 
-"`nDefault Shell is set to " + $DefaultShellObject.Shell + " and the default action is set to " + $DefaultShellObject.defaultaction 
+"`nDefault Shell is set to " + $DefaultShellObject.Shell + " and the default action is set to " + $DefaultShellObject.defaultaction
 
-# Set Internet Explorer as the shell for "Cashier", and restart the machine if Internet Explorer is closed. 
+# Set Internet Explorer as the shell for "Cashier", and restart the machine if Internet Explorer is closed.
 
-$ShellLauncherClass.SetCustomShell($Cashier_SID, "c:\program files\internet explorer\iexplore.exe www.microsoft.com", ($null), ($null), $restart_shell) 
+$ShellLauncherClass.SetCustomShell($Cashier_SID, "c:\program files\internet explorer\iexplore.exe www.microsoft.com", ($null), ($null), $restart_shell)
 
-# Set Explorer as the shell for administrators. 
+# Set Explorer as the shell for administrators.
 
-$ShellLauncherClass.SetCustomShell($Admins_SID, "explorer.exe") 
+$ShellLauncherClass.SetCustomShell($Admins_SID, "explorer.exe")
 
-# View all the custom shells defined. 
+# View all the custom shells defined.
 
 "`nCurrent settings for custom shells:"
-Get-WmiObject -namespace $NAMESPACE -computer $COMPUTER -class WESL_UserSetting | Select Sid, Shell, DefaultAction 
+Get-WmiObject -namespace $NAMESPACE -computer $COMPUTER -class WESL_UserSetting | Select Sid, Shell, DefaultAction
 
-# Enable Shell Launcher 
+# Enable Shell Launcher
 
-$ShellLauncherClass.SetEnabled($TRUE) 
+$ShellLauncherClass.SetEnabled($TRUE)
 
-$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled() 
-
-"`nEnabled is set to " + $IsShellLauncherEnabled.Enabled 
-
-# Remove the new custom shells. 
-
-$ShellLauncherClass.RemoveCustomShell($Admins_SID) 
-
-$ShellLauncherClass.RemoveCustomShell($Cashier_SID) 
-
-# Disable Shell Launcher 
-
-$ShellLauncherClass.SetEnabled($FALSE) 
-
-$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled() 
+$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled()
 
 "`nEnabled is set to " + $IsShellLauncherEnabled.Enabled
-``` 
+
+# Remove the new custom shells.
+
+$ShellLauncherClass.RemoveCustomShell($Admins_SID)
+
+$ShellLauncherClass.RemoveCustomShell($Cashier_SID)
+
+# Disable Shell Launcher
+
+$ShellLauncherClass.SetEnabled($FALSE)
+
+$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled()
+
+"`nEnabled is set to " + $IsShellLauncherEnabled.Enabled
+```
 
 ## default action, custom action, exit code
-Shell launcher defines 4 actions to handle app exits, you can customize shell launcher and use these actions based on different exit code. 
+Shell launcher defines 4 actions to handle app exits, you can customize shell launcher and use these actions based on different exit code.
 
 Value|Description
 --- | ---
 0|Restart the shell
 1|Restart the device
 2|Shut down the device
-3|Do nothing 
+3|Do nothing
 
-These action can be used as default action, or can be mapped to a specific exit code. Refer to [Shell Launcher](/windows-hardware/customize/enterprise/wesl-usersettingsetcustomshell) to see how these codes with Shell Launcher WMI. 
+These action can be used as default action, or can be mapped to a specific exit code. Refer to [Shell Launcher](/windows-hardware/customize/enterprise/wesl-usersettingsetcustomshell) to see how these codes with Shell Launcher WMI.
 
 To configure these action with Shell Launcher CSP, use below syntax in the shell launcher configuration xml. You can specify at most 4 custom actions mapping to 4 exit codes, and one default action for all other exit codes. When app exits and if the exit code is not found in the custom action mapping, or there is no default action defined, it will be no-op, i.e. nothing happens. So it's recommended to at least define DefaultAction. [Get XML examples for different Shell Launcher v2 configurations.](https://github.com/Microsoft/Windows-iotcore-samples/tree/develop/Samples/ShellLauncherV2)
 ``` xml
@@ -316,6 +310,6 @@ To configure these action with Shell Launcher CSP, use below syntax in the shell
     <ReturnCodeAction ReturnCode="255" Action="ShutdownDevice"/>
     <ReturnCodeAction ReturnCode="1" Action="DoNothing"/>
 </ReturnCodeActions>
-<DefaultAction Action="RestartDevice"/> 
+<DefaultAction Action="RestartDevice"/>
 
 ```
diff --git a/windows/configuration/kiosk/kiosk-single-app.md b/windows/configuration/kiosk/kiosk-single-app.md
index a82e251191..81433e97b8 100644
--- a/windows/configuration/kiosk/kiosk-single-app.md
+++ b/windows/configuration/kiosk/kiosk-single-app.md
@@ -1,7 +1,6 @@
 ---
 title: Set up a single-app kiosk on Windows
 description: A single-use device is easy to set up in Windows Pro, Enterprise, and Education editions.
-ms.reviewer: sybruckm
 ms.topic: article
 ms.collection:
  - tier1
@@ -9,13 +8,7 @@ ms.date: 07/12/2023
 ---
 <!--8107263--> 
 
-# Set up a single-app kiosk on Windows 10/11 
-
-
-**Applies to** 
-
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
+# Set up a single-app kiosk
 
 A single-app kiosk uses the Assigned Access feature to run a single app above the lock screen. When the kiosk account signs in, the app is launched automatically. The person using the kiosk cannot do anything on the device outside of the kiosk app. 
 
diff --git a/windows/configuration/kiosk/kiosk-validate.md b/windows/configuration/kiosk/kiosk-validate.md
index 8cafe39b58..dd86c18874 100644
--- a/windows/configuration/kiosk/kiosk-validate.md
+++ b/windows/configuration/kiosk/kiosk-validate.md
@@ -1,93 +1,85 @@
 ---
 title: Validate kiosk configuration (Windows 10/11)
 description: In this article, learn what to expect on a multi-app kiosk in Windows 10/11 Pro, Enterprise, and Education.
-ms.reviewer: sybruckm 
 
 ms.topic: article
 ms.date: 12/31/2017
---- 
+---
 
-# Validate kiosk configuration 
+# Validate kiosk configuration
 
+To identify the provisioning packages applied to a device, go to **Settings** > **Accounts** > **Access work or school**, and then click **Add or remove a provisioning package**. You should see a list of packages that were applied to the device.
 
-**Applies to** 
+Optionally, run Event Viewer (eventvwr.exe) and look through logs under **Applications and Services Logs** > **Microsoft** > **Windows** > **Provisioning-Diagnostics-Provider** > **Admin**.
 
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
-
-To identify the provisioning packages applied to a device, go to **Settings** > **Accounts** > **Access work or school**, and then click **Add or remove a provisioning package**. You should see a list of packages that were applied to the device. 
-
-Optionally, run Event Viewer (eventvwr.exe) and look through logs under **Applications and Services Logs** > **Microsoft** > **Windows** > **Provisioning-Diagnostics-Provider** > **Admin**. 
-
-To test the kiosk, sign in with the assigned access user account you specified in the configuration to check out the multi-app experience.  
+To test the kiosk, sign in with the assigned access user account you specified in the configuration to check out the multi-app experience.
 
 >[!NOTE]
->The kiosk configuration setting will take effect the next time the assigned access user signs in. If that user account is signed in when you apply the configuration, make sure the user signs out and signs back in to validate the experience.  
+>The kiosk configuration setting will take effect the next time the assigned access user signs in. If that user account is signed in when you apply the configuration, make sure the user signs out and signs back in to validate the experience.
 
-The following sections explain what to expect on a multi-app kiosk. 
+The following sections explain what to expect on a multi-app kiosk.
 
-### App launching and switching experience 
+### App launching and switching experience
 
-In the multi-app mode, to maximize the user productivity and streamline the experience, an app will be always launched in full screen when the users click the tile on the Start. The users can minimize and close the app, but cannot resize the app window.   
+In the multi-app mode, to maximize the user productivity and streamline the experience, an app will be always launched in full screen when the users click the tile on the Start. The users can minimize and close the app, but cannot resize the app window.
 
-The users can switch apps just as they do today in Windows. They can use the Task View button, Alt + Tab hotkey, and the swipe in from the left gesture to view all the open apps in task view. They can click the Windows button to show Start, from which they can open apps, and they can switch to an opened app by clicking it on the taskbar.  
+The users can switch apps just as they do today in Windows. They can use the Task View button, Alt + Tab hotkey, and the swipe in from the left gesture to view all the open apps in task view. They can click the Windows button to show Start, from which they can open apps, and they can switch to an opened app by clicking it on the taskbar.
 
-### Start changes 
+### Start changes
 
 When the assigned access user signs in, you should see a restricted Start experience:
-- Start gets launched in full screen and prevents the end user from accessing the desktop. 
+- Start gets launched in full screen and prevents the end user from accessing the desktop.
 
-- Start shows the layout aligned with what you defined in the multi-app configuration XML. 
+- Start shows the layout aligned with what you defined in the multi-app configuration XML.
 
 - Start prevents the end user from changing the tile layout.
   - The user cannot resize, reposition, and unpin the tiles.
   - The user cannot pin additional tiles on the start.
 - Start hides **All Apps** list.
-- Start hides all the folders on Start (including File Explorer, Settings, Documents, Downloads, Music, Pictures, Videos, HomeGroup, Network, and Personal folders). 
+- Start hides all the folders on Start (including File Explorer, Settings, Documents, Downloads, Music, Pictures, Videos, HomeGroup, Network, and Personal folders).
+- Only **User** and **Power** buttons are available. (You can control whether to show the **User/Power** buttons using [existing policies](/windows/client-management/mdm/policy-csp-start).)
+- Start hides **Change account settings** option under **User** button.
 
-- Only **User** and **Power** buttons are available. (You can control whether to show the **User/Power** buttons using [existing policies](/windows/client-management/mdm/policy-csp-start).) 
-
-- Start hides **Change account settings** option under **User** button. 
-
-### Taskbar changes 
+### Taskbar changes
 
 If the applied multi-app configuration enables taskbar, when the assigned access user signs in, you should see a restricted Taskbar experience:
+
 - Disables context menu of Start button (Quick Link)
 - Disables context menu of taskbar
 - Prevents the end user from changing the taskbar
 - Disables Cortana and Search Windows
 - Hides notification icons and system icons, e.g. Action Center, People, Windows Ink Workspace
-- Allows the end user to view the status of the network connection and power state, but disables the flyout of **Network/Power** to prevent end user from changing the settings 
+- Allows the end user to view the status of the network connection and power state, but disables the flyout of **Network/Power** to prevent end user from changing the settings
 
-### Blocked hotkeys 
+### Blocked hotkeys
 
-The multi-app mode blocks the following hotkeys, which are not relevant for the lockdown experience.  
+The multi-app mode blocks the following hotkeys, which are not relevant for the lockdown experience.
 
 | Hotkey | Action |
 | --- | --- |
-| Windows logo key  + A	 | Open Action center |
-| Windows logo key  + Shift + C |	Open Cortana in listening mode |
-| Windows logo key  + D	| Display and hide the desktop |
-| Windows logo key  + Alt + D	| Display and hide the date and time on the desktop |
-| Windows logo key  + E	| Open File Explorer |
-| Windows logo key  + F |	Open Feedback Hub |
-| Windows logo key  + G	| Open Game bar when a game is open |
-| Windows logo key  + I	| Open Settings |
-| Windows logo key  + J |	Set focus to a Windows tip when one is available. |
-| Windows logo key  + O	| Lock device orientation |
-| Windows logo key  + Q	 | Open search |
-| Windows logo key  + R	| Open the Run dialog box |
-| Windows logo key  + S	| Open search |
-| Windows logo key  + X	| Open the Quick Link menu |
-| Windows logo key  + comma (,) |	Temporarily peek at the desktop |
-| Windows logo key  + Ctrl + F |	Search for PCs (if you're on a network) | 
+| Windows logo key  + A     | Open Action center |
+| Windows logo key  + Shift + C |    Open Cortana in listening mode |
+| Windows logo key  + D    | Display and hide the desktop |
+| Windows logo key  + Alt + D    | Display and hide the date and time on the desktop |
+| Windows logo key  + E    | Open File Explorer |
+| Windows logo key  + F |    Open Feedback Hub |
+| Windows logo key  + G    | Open Game bar when a game is open |
+| Windows logo key  + I    | Open Settings |
+| Windows logo key  + J |    Set focus to a Windows tip when one is available. |
+| Windows logo key  + O    | Lock device orientation |
+| Windows logo key  + Q     | Open search |
+| Windows logo key  + R    | Open the Run dialog box |
+| Windows logo key  + S    | Open search |
+| Windows logo key  + X    | Open the Quick Link menu |
+| Windows logo key  + comma (,) |    Temporarily peek at the desktop |
+| Windows logo key  + Ctrl + F |    Search for PCs (if you're on a network) |
 
- 
 
-### Locked-down Ctrl+Alt+Del screen 
 
-The multi-app mode removes options (e.g. **Change a password**, **Task Manager**, **Network**) in the Ctrl+Alt+Del screen to ensure the users cannot access the functionalities that are not allowed in the lockdown experience.  
+### Locked-down Ctrl+Alt+Del screen
 
-### Auto-trigger touch keyboard 
+The multi-app mode removes options (e.g. **Change a password**, **Task Manager**, **Network**) in the Ctrl+Alt+Del screen to ensure the users cannot access the functionalities that are not allowed in the lockdown experience.
 
-In the multi-app mode, the touch keyboard will be automatically triggered when there is an input needed and no physical keyboard is attached on touch-enabled devices. You don’t need to configure any other setting to enforce this behavior.
+### Auto-trigger touch keyboard
+
+In the multi-app mode, the touch keyboard will be automatically triggered when there is an input needed and no physical keyboard is attached on touch-enabled devices. You don't need to configure any other setting to enforce this behavior.
diff --git a/windows/configuration/kiosk/kiosk-xml.md b/windows/configuration/kiosk/kiosk-xml.md
index 9d0a9191b3..e709d1b3e0 100644
--- a/windows/configuration/kiosk/kiosk-xml.md
+++ b/windows/configuration/kiosk/kiosk-xml.md
@@ -1,28 +1,21 @@
 ---
 title: Assigned Access configuration kiosk XML reference (Windows 10/11)
 description: Learn about the assigned access configuration (kiosk) for XML and XSD for kiosk device configuration in Windows 10/11.
-ms.reviewer: sybruckm 
 
 ms.topic: article
 ms.date: 12/31/2017
---- 
+---
 
-# Assigned Access configuration (kiosk) XML reference 
+# Assigned Access configuration (kiosk) XML reference
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
-## Full XML sample 
+## Full XML sample
 
 >[!NOTE]
->Updated for Windows 10, version 1903, 1909, and 2004. 
+>Updated for Windows 10, version 1903, 1909, and 2004.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
-<AssignedAccessConfiguration 
+<AssignedAccessConfiguration
 
     xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
     xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config"
@@ -56,7 +49,7 @@ ms.date: 12/31/2017
                               <start:Tile Size="4x2" Column="0" Row="4" AppUserModelID="Microsoft.WindowsStore_8wekyb3d8bbwe!App" />
                               <!-- A link file is required for desktop applications to show on start layout, the link file can be placed under
                                    "%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs" if the link file is shared for all users or
-                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only 
+                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only
 
                                    see document https://learn.microsoft.com/windows/configuration/start-layout-xml-desktop
                               -->
@@ -137,7 +130,7 @@ ms.date: 12/31/2017
     </Configs>
 </AssignedAccessConfiguration>
 ```
-## Kiosk only sample XML 
+## Kiosk only sample XML
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
@@ -157,11 +150,11 @@ ms.date: 12/31/2017
         </Config>
     </Configs>
 </AssignedAccessConfiguration>
-``` 
+```
 
-## Auto Launch Sample XML 
+## Auto Launch Sample XML
 
-This sample demonstrates that both UWP and Win32 apps can be configured to automatically launch, when assigned access account logs in. One profile can have at most one app configured for auto launch. AutoLaunchArguments are passed to the apps as is and the app needs to handle the arguments explicitly. 
+This sample demonstrates that both UWP and Win32 apps can be configured to automatically launch, when assigned access account logs in. One profile can have at most one app configured for auto launch. AutoLaunchArguments are passed to the apps as is and the app needs to handle the arguments explicitly.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
@@ -190,7 +183,7 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
                               <start:Tile Size="4x2" Column="0" Row="4" AppUserModelID="Microsoft.WindowsStore_8wekyb3d8bbwe!App" />
                               <!-- A link file is required for desktop applications to show on start layout, the link file can be placed under
                                    "%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs" if the link file is shared for all users or
-                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only 
+                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only
 
                                    see document https://learn.microsoft.com/windows/configuration/start-layout-xml-desktop
                               -->
@@ -245,9 +238,9 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
             <DefaultProfile Id="{5B328104-BD89-4863-AB27-4ED6EE355485}"/>
         </Config>
     </Configs>
-</AssignedAccessConfiguration> 
+</AssignedAccessConfiguration>
 
-``` 
+```
 
 ## Microsoft Edge Kiosk XML Sample
 ```xml
@@ -257,7 +250,7 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
   xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
   >
   <Profiles>
-    <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">      
+    <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
 
         <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.bing.com" />
         <v4:BreakoutSequence Key="Ctrl+A"/>
@@ -270,18 +263,18 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
     </Config>
   </Configs>
 </AssignedAccessConfiguration>
-``` 
+```
 
-## Global Profile Sample XML 
+## Global Profile Sample XML
 
-Global Profile is supported on: 
+Global Profile is supported on:
 
 - Windows 11
-- Windows 10, version 2004 and later 
+- Windows 10, version 2004 and later
 
-Global Profile is designed for scenarios where a user doesn't have a designated profile, yet you still want the user to run in lockdown mode. It's also used as mitigation when a profile can't be determined for a user. 
+Global Profile is designed for scenarios where a user doesn't have a designated profile, yet you still want the user to run in lockdown mode. It's also used as mitigation when a profile can't be determined for a user.
 
-This sample demonstrates that only a global profile is used, with no active user configured. Global Profile will be applied when every non-admin account signs in. 
+This sample demonstrates that only a global profile is used, with no active user configured. Global Profile will be applied when every non-admin account signs in.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
@@ -311,7 +304,7 @@ This sample demonstrates that only a global profile is used, with no active user
                               <start:Tile Size="4x2" Column="0" Row="4" AppUserModelID="Microsoft.WindowsStore_8wekyb3d8bbwe!App" />
                               <!-- A link file is required for desktop applications to show on start layout, the link file can be placed under
                                    "%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs" if the link file is shared for all users or
-                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only 
+                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only
 
                                    see document https://learn.microsoft.com/windows/configuration/start-layout-xml-desktop
                               -->
@@ -333,7 +326,7 @@ This sample demonstrates that only a global profile is used, with no active user
         <v3:GlobalProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
     </Configs>
 </AssignedAccessConfiguration>
-``` 
+```
 
 Below sample shows dedicated profile and global profile mixed usage, a user would use one profile, everyone else that's non-admin will use another profile.
 ```xml
@@ -364,7 +357,7 @@ Below sample shows dedicated profile and global profile mixed usage, a user woul
                               <start:Tile Size="4x2" Column="0" Row="4" AppUserModelID="Microsoft.WindowsStore_8wekyb3d8bbwe!App" />
                               <!-- A link file is required for desktop applications to show on start layout, the link file can be placed under
                                    "%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs" if the link file is shared for all users or
-                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only 
+                                   "%AppData%\Microsoft\Windows\Start Menu\Programs" if the link file is for the specific user only
 
                                    see document https://learn.microsoft.com/windows/configuration/start-layout-xml-desktop
                               -->
@@ -416,14 +409,14 @@ Below sample shows dedicated profile and global profile mixed usage, a user woul
             <DefaultProfile Id="{5B328104-BD89-4863-AB27-4ED6EE355485}"/>
         </Config>
     </Configs>
-</AssignedAccessConfiguration> 
+</AssignedAccessConfiguration>
 
-``` 
+```
 
 ## Folder Access sample xml
-Starting with Windows 10 version 1809 +, folder access is locked down so that when common file dialog is opened, IT Admin can specify if the user has access to the Downloads folder, or no access to any folder at all. This restriction has been redesigned for finer granularity and easier use, and is available in Windows 10 version 2009+. 
+Starting with Windows 10 version 1809 +, folder access is locked down so that when common file dialog is opened, IT Admin can specify if the user has access to the Downloads folder, or no access to any folder at all. This restriction has been redesigned for finer granularity and easier use, and is available in Windows 10 version 2009+.
 
-IT Admin now can specify user access to Downloads folder, Removable drives, or no restrictions at all. Downloads and Removable Drives can be allowed at the same time. 
+IT Admin now can specify user access to Downloads folder, Removable drives, or no restrictions at all. Downloads and Removable Drives can be allowed at the same time.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
@@ -655,17 +648,17 @@ IT Admin now can specify user access to Downloads folder, Removable drives, or n
             <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C28}"/>
         </Config>
     </Configs>
-</AssignedAccessConfiguration> 
+</AssignedAccessConfiguration>
 
 
-``` 
+```
 
-## XSD for AssignedAccess configuration XML 
+## XSD for AssignedAccess configuration XML
 
 > [!NOTE]
-> Updated for Windows 10, version 1903 and later. 
+> Updated for Windows 10, version 1903 and later.
 
-The following XML schema is for AssignedAccess Configuration up to Windows 10, version 1803 release: 
+The following XML schema is for AssignedAccess Configuration up to Windows 10, version 1803 release:
 
 ```xml
 <xs:schema
@@ -677,27 +670,27 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
     xmlns:v3="http://schemas.microsoft.com/AssignedAccess/2020/config"
     xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
     targetNamespace="http://schemas.microsoft.com/AssignedAccess/2017/config"
-    > 
+    >
 
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/201810/config"/>
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2020/config"/>
-    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2021/config"/> 
+    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2021/config"/>
 
     <xs:complexType name="profile_list_t">
         <xs:sequence minOccurs="1" >
             <xs:element name="Profile" type="profile_t" minOccurs="1" maxOccurs="unbounded"/>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="kioskmodeapp_t">
         <xs:attribute name="AppUserModelId" type="xs:string"/>
         <xs:attributeGroup ref="ClassicApp_attributeGroup"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:attributeGroup name="ClassicApp_attributeGroup">
         <xs:attribute ref="v4:ClassicAppPath"/>
         <xs:attribute ref="v4:ClassicAppArguments" use="optional"/>
-    </xs:attributeGroup> 
+    </xs:attributeGroup>
 
     <xs:complexType name="profile_t">
         <xs:choice>
@@ -723,7 +716,7 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
         </xs:choice>
         <xs:attribute name="Id" type="guid_t" use="required"/>
         <xs:attribute name="Name" type="xs:string" use="optional"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="allappslist_t">
         <xs:sequence minOccurs="1" >
@@ -738,7 +731,7 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
                 </xs:unique>
             </xs:element>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="allowedapps_t">
         <xs:sequence minOccurs="1" maxOccurs="1">
@@ -749,40 +742,40 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
                 </xs:key>
             </xs:element>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="app_t">
         <xs:attribute name="AppUserModelId" type="xs:string"/>
         <xs:attribute name="DesktopAppPath" type="xs:string"/>
         <xs:attributeGroup ref="autoLaunch_attributeGroup"/>
     </xs:complexType>
-    
+
 
     <xs:attributeGroup name="autoLaunch_attributeGroup">
         <xs:attribute ref="rs5:AutoLaunch"/>
         <xs:attribute ref="rs5:AutoLaunchArguments" use="optional"/>
-    </xs:attributeGroup> 
+    </xs:attributeGroup>
 
     <xs:complexType name="taskbar_t">
         <xs:attribute name="ShowTaskbar" type="xs:boolean" use="required"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="profileId_t">
         <xs:attribute name="Id" type="guid_t" use="required"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:simpleType name="guid_t">
         <xs:restriction base="xs:string">
             <xs:pattern value="\{[0-9a-fA-F]{8}\-([0-9a-fA-F]{4}\-){3}[0-9a-fA-F]{12}\}"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
     <xs:complexType name="config_list_t">
         <xs:sequence minOccurs="1" >
             <xs:element ref="v3:GlobalProfile" minOccurs="0" maxOccurs="1"/>
             <xs:element name="Config" type="config_t" minOccurs="0" maxOccurs="unbounded"/>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="config_t">
         <xs:sequence minOccurs="1" maxOccurs="1">
@@ -794,21 +787,21 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
             </xs:choice>
             <xs:element name="DefaultProfile" type="profileId_t" minOccurs="1" maxOccurs="1"/>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="autologon_account_t">
         <xs:attribute name="HiddenId" type="guid_t" fixed="{74331115-F68A-4DF9-8D2C-52BA2CE2ADB1}"/>
         <xs:attribute ref="rs5:DisplayName" use="optional" />
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="group_t">
         <xs:attribute name="Name" type="xs:string" use="required"/>
         <xs:attribute name="Type" type="groupType_t" use="required"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="specialGroup_t">
         <xs:attribute name="Name" type="specialGroupType_t" use="required"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:simpleType name="groupType_t">
         <xs:restriction base="xs:string">
@@ -816,30 +809,30 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
             <xs:enumeration value="ActiveDirectoryGroup"/>
             <xs:enumeration value="AzureActiveDirectoryGroup"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
     <xs:simpleType name="specialGroupType_t">
         <xs:restriction base="xs:string">
             <xs:enumeration value="Visitor"/>
             <xs:enumeration value="DeviceOwner"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
     <xs:complexType name="fileExplorerNamespaceRestrictions_t">
         <xs:sequence minOccurs="1">
             <xs:element name="AllowedNamespace" type="allowedFileExplorerNamespace_t"/>
         </xs:sequence>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="allowedFileExplorerNamespace_t">
         <xs:attribute name="Name" type="allowedFileExplorerNamespaceValues_t"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:simpleType name="allowedFileExplorerNamespaceValues_t">
         <xs:restriction base="xs:string">
             <xs:enumeration value="Downloads"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
     <!--below is the definition of the config xml content-->
     <xs:element name="AssignedAccessConfiguration">
@@ -861,9 +854,9 @@ The following XML schema is for AssignedAccess Configuration up to Windows 10, v
         </xs:complexType>
     </xs:element>
 </xs:schema>
-``` 
+```
 
-The following XML is the schema for new features introduced in Windows 10 1809 release: 
+The following XML is the schema for new features introduced in Windows 10 1809 release:
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -874,9 +867,9 @@ The following XML is the schema for new features introduced in Windows 10 1809 r
     xmlns:default="http://schemas.microsoft.com/AssignedAccess/201810/config"
     xmlns:v3="http://schemas.microsoft.com/AssignedAccess/2020/config"
     targetNamespace="http://schemas.microsoft.com/AssignedAccess/201810/config"
-    > 
+    >
 
-    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2020/config"/> 
+    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2020/config"/>
 
     <xs:complexType name="fileExplorerNamespaceRestrictions_t">
         <xs:choice>
@@ -886,30 +879,30 @@ The following XML is the schema for new features introduced in Windows 10 1809 r
             </xs:sequence>
             <xs:element ref="v3:NoRestriction" minOccurs="0" maxOccurs="1" />
         </xs:choice>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:complexType name="allowedFileExplorerNamespace_t">
         <xs:attribute name="Name" type="allowedFileExplorerNamespaceValues_t" use="required"/>
-    </xs:complexType> 
+    </xs:complexType>
 
     <xs:simpleType name="allowedFileExplorerNamespaceValues_t">
         <xs:restriction base="xs:string">
             <xs:enumeration value="Downloads"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
-    <xs:element name="FileExplorerNamespaceRestrictions" type="fileExplorerNamespaceRestrictions_t" /> 
+    <xs:element name="FileExplorerNamespaceRestrictions" type="fileExplorerNamespaceRestrictions_t" />
 
-    <xs:attribute name="AutoLaunch" type="xs:boolean"/> 
+    <xs:attribute name="AutoLaunch" type="xs:boolean"/>
 
-    <xs:attribute name="AutoLaunchArguments" type="xs:string"/> 
+    <xs:attribute name="AutoLaunchArguments" type="xs:string"/>
 
-    <xs:attribute name="DisplayName" type="xs:string"/> 
+    <xs:attribute name="DisplayName" type="xs:string"/>
 
 </xs:schema>
-``` 
+```
 
-The following XML is the schema for Windows 10 version 1909+: 
+The following XML is the schema for Windows 10 version 1909+:
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -921,29 +914,29 @@ The following XML is the schema for Windows 10 version 1909+:
     xmlns:vc="http://www.w3.org/2007/XMLSchema-versioning"
     vc:minVersion="1.1"
     targetNamespace="http://schemas.microsoft.com/AssignedAccess/2020/config"
-    > 
+    >
 
     <xs:simpleType name="guid_t">
         <xs:restriction base="xs:string">
             <xs:pattern value="\{[0-9a-fA-F]{8}\-([0-9a-fA-F]{4}\-){3}[0-9a-fA-F]{12}\}"/>
         </xs:restriction>
-    </xs:simpleType> 
+    </xs:simpleType>
 
     <xs:complexType name="globalProfile_t">
         <xs:attribute name="Id" type="guid_t" />
     </xs:complexType>
-  
+
 
     <xs:element name="AllowRemovableDrives"/>
     <xs:element name="NoRestriction" />
-    <xs:element name="GlobalProfile" type="globalProfile_t" /> 
+    <xs:element name="GlobalProfile" type="globalProfile_t" />
 
 </xs:schema>
-``` 
+```
 
-To authorize a compatible configuration XML that includes elements and attributes from Windows 10 version 1809 or newer / Windows 11, always include the namespace of these add-on schemas, and decorate the attributes and elements accordingly with the namespace alias. 
+To authorize a compatible configuration XML that includes elements and attributes from Windows 10 version 1809 or newer / Windows 11, always include the namespace of these add-on schemas, and decorate the attributes and elements accordingly with the namespace alias.
 
-For example, to configure the autolaunch feature that was added in Windows 10 version 1809 / Windows 11, use the following sample. Notice an alias r1809 is given to the 201810 namespace for Windows 10 version 1809 / Windows 11, and the alias is tagged on AutoLaunch and AutoLaunchArguments inline. 
+For example, to configure the autolaunch feature that was added in Windows 10 version 1809 / Windows 11, use the following sample. Notice an alias r1809 is given to the 201810 namespace for Windows 10 version 1809 / Windows 11, and the alias is tagged on AutoLaunch and AutoLaunchArguments inline.
 
 ```xml
 <AssignedAccessConfiguration
diff --git a/windows/configuration/kiosk/lock-down-windows-10-applocker.md b/windows/configuration/kiosk/lock-down-windows-10-applocker.md
index 0818df922a..58a763d721 100644
--- a/windows/configuration/kiosk/lock-down-windows-10-applocker.md
+++ b/windows/configuration/kiosk/lock-down-windows-10-applocker.md
@@ -1,8 +1,8 @@
 ---
 title: Use AppLocker to create a Windows 10 kiosk that runs multiple apps
 description: Learn how to use AppLocker to configure a kiosk device running Windows 10 Enterprise or Windows 10 Education so that users can only run a few specific apps.
-ms.reviewer: sybruckm 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 ms.date: 07/30/2018
 ms.topic: article
 --- 
@@ -10,10 +10,6 @@ ms.topic: article
 # Use AppLocker to create a Windows 10 kiosk that runs multiple apps 
 
 
-**Applies to** 
-
-- Windows 10 
-
 Learn how to configure a device running Windows 10 Enterprise or Windows 10 Education, version 1703 and earlier, so that users can only run a few specific apps. The result is similar to [a kiosk device](./kiosk-methods.md), but with multiple apps available. For example, you might set up a library computer so that users can search the catalog and browse the Internet, but can't run any other apps or change computer settings. 
 
 >[!NOTE]
diff --git a/windows/configuration/kiosk/lock-down-windows-10-to-specific-apps.md b/windows/configuration/kiosk/lock-down-windows-10-to-specific-apps.md
index 3b6e3dd428..7de1ca5109 100644
--- a/windows/configuration/kiosk/lock-down-windows-10-to-specific-apps.md
+++ b/windows/configuration/kiosk/lock-down-windows-10-to-specific-apps.md
@@ -1,14 +1,8 @@
 ---
 title: Set up a multi-app kiosk on Windows 10
 description: Learn how to configure a kiosk device running Windows 10 so that users can only run a few specific apps.
-ms.reviewer: sybruckm
 ms.topic: how-to
 ms.date: 11/08/2023
-appliesto: 
-
-  - ✅ <b>Windows 10 Pro</b>
-  - ✅ <b>Windows 10 Enterprise</b>
-  - ✅ <b>Windows 10 Education</b>
 --- 
 
 # Set up a multi-app kiosk on Windows 10 devices 
diff --git a/windows/configuration/kiosk/lock-down-windows-11-to-specific-apps.md b/windows/configuration/kiosk/lock-down-windows-11-to-specific-apps.md
index 50f4bcf2a2..0e8663249b 100644
--- a/windows/configuration/kiosk/lock-down-windows-11-to-specific-apps.md
+++ b/windows/configuration/kiosk/lock-down-windows-11-to-specific-apps.md
@@ -2,65 +2,60 @@
 title: Set up a multi-app kiosk on Windows 11
 description: Learn how to configure a kiosk device running Windows 11 so that users can only run a few specific apps.
 ms.date: 05/12/2023
-ms.reviewer: sybruckm 
 
 ms.topic: how-to
 ---
-# Set up a multi-app kiosk on Windows 11 devices 
-
-**Applies to** 
-
-- Windows 11 Pro, Enterprise, IoT Enterprise and Education 
+# Set up a multi-app kiosk on Windows 11 devices
 
 > [!NOTE]
-> The use of multiple monitors is supported for multi-app kiosk mode in Windows 11. 
+> The use of multiple monitors is supported for multi-app kiosk mode in Windows 11.
 
-An assigned access multi-app kiosk runs one or more apps from the desktop. People using the kiosk see a customized Start that shows only the apps that are allowed. With this approach, you can configure a locked-down experience for different account types. A multi-app kiosk is appropriate for devices that are shared by multiple people. Here's a guide on how to set up a multi-app kiosk. 
+An assigned access multi-app kiosk runs one or more apps from the desktop. People using the kiosk see a customized Start that shows only the apps that are allowed. With this approach, you can configure a locked-down experience for different account types. A multi-app kiosk is appropriate for devices that are shared by multiple people. Here's a guide on how to set up a multi-app kiosk.
 
 > [!WARNING]
-> The assigned access feature is intended for corporate-owned fixed-purpose devices, like kiosks. When the multi-app assigned access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, and will impact other users on the device. Deleting the kiosk configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all the enforced policies (such as Start layout). A factory reset is needed to clear all the policies enforced via assigned access. 
+> The assigned access feature is intended for corporate-owned fixed-purpose devices, like kiosks. When the multi-app assigned access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, and will impact other users on the device. Deleting the kiosk configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all the enforced policies (such as Start layout). A factory reset is needed to clear all the policies enforced via assigned access.
 
 > [!TIP]
-> Be sure to check the [configuration recommendations](kiosk-prepare.md) before you set up your kiosk. 
+> Be sure to check the [configuration recommendations](kiosk-prepare.md) before you set up your kiosk.
 
-## Configure a Multi-App Kiosk 
+## Configure a Multi-App Kiosk
 
-See the table below for the different methods to configure a multi-app kiosk in Windows 11. 
+See the table below for the different methods to configure a multi-app kiosk in Windows 11.
 
 |Configuration Method|Availability|
 |--------------------|------------|
-|[MDM WMI Bridge Provider](#configure-a-kiosk-using-wmi-bridge) | Available May 2023| 
+|[MDM WMI Bridge Provider](#configure-a-kiosk-using-wmi-bridge) | Available May 2023|
 
-<!-- 
+<!--
 
 Commenting out the coming soon items
 |Intune|Coming soon|
 |Provisioning Package Using Windows Configuration Designer| Coming soon|
---> 
+-->
 
 > [!NOTE]
-> For WMI Bridge/PowerShell and Provisioning package methods, you will need to create your own multi-app kiosk XML file as specified below. 
+> For WMI Bridge/PowerShell and Provisioning package methods, you will need to create your own multi-app kiosk XML file as specified below.
 
-## Create the XML file 
+## Create the XML file
 
-Let's start by looking at the basic structure of the XML file. 
+Let's start by looking at the basic structure of the XML file.
 
-- A configuration xml can define multiple *profiles*. Each profile has a unique **Id** and defines a set of applications that are allowed to run, whether the taskbar is visible, and can include a custom Start layout. 
+- A configuration xml can define multiple *profiles*. Each profile has a unique **Id** and defines a set of applications that are allowed to run, whether the taskbar is visible, and can include a custom Start layout.
 
-- A configuration xml can have multiple *config* sections. Each config section associates a non-admin user account to a default profile **Id**. 
+- A configuration xml can have multiple *config* sections. Each config section associates a non-admin user account to a default profile **Id**.
 
-- Multiple config sections can be associated to the same profile. 
+- Multiple config sections can be associated to the same profile.
 
-- A profile has no effect if it's not associated to a config section. 
+- A profile has no effect if it's not associated to a config section.
 
-You can start your file by pasting the following XML into an XML editor, and saving the file as *filename*.xml. Each section of this XML is explained in this article.  
+You can start your file by pasting the following XML into an XML editor, and saving the file as *filename*.xml. Each section of this XML is explained in this article.
 
 > [!NOTE]
-> If you want to write a configuration file to be applied to both Windows 10 and Windows 11 devices, follow the [Windows 10 instructions](lock-down-windows-10-to-specific-apps.md) to add the StartLayout tag to your XML file, just above the StartPins tag. Windows will automatically ignore the sections that don't apply to the version running.  
+> If you want to write a configuration file to be applied to both Windows 10 and Windows 11 devices, follow the [Windows 10 instructions](lock-down-windows-10-to-specific-apps.md) to add the StartLayout tag to your XML file, just above the StartPins tag. Windows will automatically ignore the sections that don't apply to the version running.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
-<AssignedAccessConfiguration  
+<AssignedAccessConfiguration
 
   xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config" xmlns:win11="http://schemas.microsoft.com/AssignedAccess/2022/config">
     <Profiles>
@@ -80,66 +75,66 @@ You can start your file by pasting the following XML into an XML editor, and sav
     </Configs>
 </AssignedAccessConfiguration>
 ```
-#### Profile 
+#### Profile
 
-There are two types of profiles that you can specify in the XML: 
+There are two types of profiles that you can specify in the XML:
 
 - **Lockdown profile**: Users assigned a lockdown profile will see the desktop in tablet mode with the specific apps on the Start screen.
-- **Kiosk profile**: Starting with Windows 10 version 1803, this profile replaces the KioskModeApp node of the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). Users assigned a kiosk profile won't see the desktop, but only the kiosk app running in full-screen mode. 
+- **Kiosk profile**: Starting with Windows 10 version 1803, this profile replaces the KioskModeApp node of the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). Users assigned a kiosk profile won't see the desktop, but only the kiosk app running in full-screen mode.
 
-A lockdown profile section in the XML has the following entries: 
+A lockdown profile section in the XML has the following entries:
 
-- [**Id**](#id) 
+- [**Id**](#id)
 
-- [**AllowedApps**](#allowedapps) 
+- [**AllowedApps**](#allowedapps)
 
-- [**StartPins**](#startpins) 
+- [**StartPins**](#startpins)
 
-- [**Taskbar**](#taskbar) 
+- [**Taskbar**](#taskbar)
 
-A kiosk profile in the XML has the following entries: 
+A kiosk profile in the XML has the following entries:
 
-- [**Id**](#id) 
+- [**Id**](#id)
 
-- [**KioskModeApp**](#kioskmodeapp) 
+- [**KioskModeApp**](#kioskmodeapp)
 
-##### Id 
+##### Id
 
-The profile **Id** is a GUID attribute to uniquely identify the profile. You can create a GUID using a GUID generator. The GUID just needs to be unique within this XML file. 
+The profile **Id** is a GUID attribute to uniquely identify the profile. You can create a GUID using a GUID generator. The GUID just needs to be unique within this XML file.
 
 ```xml
 <Profiles>
   <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">…</Profile>
 </Profiles>
-``` 
+```
 
-##### AllowedApps 
+##### AllowedApps
 
-**AllowedApps** is a list of applications that are allowed to run. Apps can be Universal Windows Platform (UWP) apps or Windows desktop applications. Starting with Windows 10 version 1809, you can configure a single app in the **AllowedApps** list to run automatically when the assigned access user account signs in. 
+**AllowedApps** is a list of applications that are allowed to run. Apps can be Universal Windows Platform (UWP) apps or Windows desktop applications. Starting with Windows 10 version 1809, you can configure a single app in the **AllowedApps** list to run automatically when the assigned access user account signs in.
 
 - For UWP apps, you need to provide the App User Model ID (AUMID). [Learn how to get the AUMID](./find-the-application-user-model-id-of-an-installed-app.md), or [get the AUMID from the Start Layout XML](#create-the-xml-file).
 - For desktop apps, you need to specify the full path of the executable, which can contain one or more system environment variables in the form of `%variableName%`. For example, `%systemroot%` or `%windir%`.
 - If an app has a dependency on another app, both must be included in the allowed apps list. For example, Internet Explorer 64-bit has a dependency on Internet Explorer 32-bit, so you must allow both `"C:\Program Files\internet explorer\iexplore.exe"` and `"C:\Program Files (x86)\Internet Explorer\iexplore.exe"`.
-- To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app. For an example, see [the AllowedApps sample XML](#apps-sample). 
+- To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app. For an example, see [the AllowedApps sample XML](#apps-sample).
 
-When the multi-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules for **UWP apps**: 
+When the multi-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules for **UWP apps**:
 
 1. Default rule is to allow all users to launch the signed package apps.
-2. The package app blocklist is generated at runtime when the assigned access user signs in. Based on the installed/provisioned package apps available for the user account, assigned access generates the blocklist. This list will exclude the default allowed inbox package apps, which are critical for the system to function. It then excludes the allowed packages that enterprises defined in the assigned access configuration. If there are multiple apps within the same package, all these apps will be excluded. This blocklist will be used to prevent the user from accessing the apps that are currently available for the user but not in the allowed list. 
+2. The package app blocklist is generated at runtime when the assigned access user signs in. Based on the installed/provisioned package apps available for the user account, assigned access generates the blocklist. This list will exclude the default allowed inbox package apps, which are critical for the system to function. It then excludes the allowed packages that enterprises defined in the assigned access configuration. If there are multiple apps within the same package, all these apps will be excluded. This blocklist will be used to prevent the user from accessing the apps that are currently available for the user but not in the allowed list.
 
   > [!NOTE]
   > You can't manage AppLocker rules that are generated by the multi-app kiosk configuration in [MMC snap-ins](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh994629(v=ws.11)#BKMK_Using_Snapins). Avoid creating AppLocker rules that conflict with AppLocker rules that are generated by the multi-app kiosk configuration.
-  > Multi-app kiosk mode doesn't block the enterprise or the users from installing UWP apps. When a new UWP app is installed during the current assigned access user session, this app will not be in the deny list. When the user signs out and signs in again, the app will be included in the blocklist. If this is an enterprise-deployed line-of-business app and you want to allow it to run, update the assigned access configuration to include it in the allowed app list. 
+  > Multi-app kiosk mode doesn't block the enterprise or the users from installing UWP apps. When a new UWP app is installed during the current assigned access user session, this app will not be in the deny list. When the user signs out and signs in again, the app will be included in the blocklist. If this is an enterprise-deployed line-of-business app and you want to allow it to run, update the assigned access configuration to include it in the allowed app list.
 
-Here are the predefined assigned access AppLocker rules for **desktop apps**: 
+Here are the predefined assigned access AppLocker rules for **desktop apps**:
 
 1. Default rule is to allow all users to launch the desktop programs signed with Microsoft Certificate in order for the system to boot and function. The rule also allows the admin user group to launch all desktop programs.
 2. There's a predefined inbox desktop app blocklist for the assigned access user account, and this blocklist is adjusted based on the desktop app allowlist that you defined in the multi-app configuration.
-3. Enterprise-defined allowed desktop apps are added in the AppLocker allowlist. 
+3. Enterprise-defined allowed desktop apps are added in the AppLocker allowlist.
 
-The following example allows Photos, Weather, Calculator, Paint, and Notepad apps to run on the device, with Notepad configured to automatically launch and create a file called `123.text` when the user signs in. 
+The following example allows Photos, Weather, Calculator, Paint, and Notepad apps to run on the device, with Notepad configured to automatically launch and create a file called `123.text` when the user signs in.
 
-<span id="apps-sample" /> 
+<span id="apps-sample" />
 
 ```xml
 <AllAppsList>
@@ -151,17 +146,17 @@ The following example allows Photos, Weather, Calculator, Paint, and Notepad app
           <App DesktopAppPath="C:\Windows\System32\notepad.exe" rs5:AutoLaunch="true" rs5:AutoLaunchArguments="123.txt">
         </AllowedApps>
 </AllAppsList>
-``` 
+```
 
-##### StartPins 
+##### StartPins
 
-After you define the list of allowed applications, you can customize the Start layout for your kiosk experience. The easiest way to create a customized Start layout to apply to other Windows client devices is to set up the Start screen on a test device and then export the layout. Once you've decided, you can get the JSON needed for your kiosk configuration by following the steps to [Get the pinnedList JSON](customize-and-export-start-layout.md). If you opt to do this using the PowerShell command, make sure that the system you run the command on has the same file structure as the device on which you will apply the kiosk (the path to the allowed apps must be the same). At the end of this step, you should have a JSON pinnedList that looks something like the below. 
+After you define the list of allowed applications, you can customize the Start layout for your kiosk experience. The easiest way to create a customized Start layout to apply to other Windows client devices is to set up the Start screen on a test device and then export the layout. Once you've decided, you can get the JSON needed for your kiosk configuration by following the steps to [Get the pinnedList JSON](customize-and-export-start-layout.md). If you opt to do this using the PowerShell command, make sure that the system you run the command on has the same file structure as the device on which you will apply the kiosk (the path to the allowed apps must be the same). At the end of this step, you should have a JSON pinnedList that looks something like the below.
 
-Add your pinnedList JSON into the StartPins tag in your XML file. 
+Add your pinnedList JSON into the StartPins tag in your XML file.
 
 ```xml
 <win11:StartPins>
-        <![CDATA[  
+        <![CDATA[
 
           { "pinnedList":[
             {"packagedAppId":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"},
@@ -172,61 +167,61 @@ Add your pinnedList JSON into the StartPins tag in your XML file.
           ] }
         ]]>
       </win11:StartPins>
-``` 
+```
 
 > [!NOTE]
-> If an app isn't installed for the user, but is included in the Start layout XML, the app isn't shown on the Start screen. 
+> If an app isn't installed for the user, but is included in the Start layout XML, the app isn't shown on the Start screen.
 
-##### Taskbar 
+##### Taskbar
 
-Define whether you want to have the taskbar present in the kiosk device. For tablet-based or touch-enabled all-in-one kiosks, when you don't attach a keyboard and mouse, you can hide the taskbar as part of the multi-app experience if you want. 
+Define whether you want to have the taskbar present in the kiosk device. For tablet-based or touch-enabled all-in-one kiosks, when you don't attach a keyboard and mouse, you can hide the taskbar as part of the multi-app experience if you want.
 
-The following example exposes the taskbar to the end user: 
+The following example exposes the taskbar to the end user:
 
 ```xml
 <Taskbar ShowTaskbar="true"/>
-``` 
+```
 
-The following example hides the taskbar: 
+The following example hides the taskbar:
 
 ```xml
 <Taskbar ShowTaskbar="false"/>
-``` 
+```
 
 > [!NOTE]
-> This is different from the **Automatically hide the taskbar** option in tablet mode, which shows the taskbar when swiping up from or moving the mouse pointer down to the bottom of the screen. Setting **ShowTaskbar** as **false** will always keep the taskbar hidden. 
+> This is different from the **Automatically hide the taskbar** option in tablet mode, which shows the taskbar when swiping up from or moving the mouse pointer down to the bottom of the screen. Setting **ShowTaskbar** as **false** will always keep the taskbar hidden.
 
-##### KioskModeApp 
+##### KioskModeApp
 
-**KioskModeApp** is used for a [kiosk profile](#profile) only. Enter the AUMID for a single app. You can only specify one kiosk profile in the XML. 
+**KioskModeApp** is used for a [kiosk profile](#profile) only. Enter the AUMID for a single app. You can only specify one kiosk profile in the XML.
 
 ```xml
 <KioskModeApp AppUserModelId="Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"/>
-``` 
+```
 
 > [!IMPORTANT]
-> The kiosk profile is designed for public-facing kiosk devices. We recommend that you use a local, non-administrator account. If the device is connected to your company network, using a domain or Microsoft Entra account could potentially compromise confidential information.   
+> The kiosk profile is designed for public-facing kiosk devices. We recommend that you use a local, non-administrator account. If the device is connected to your company network, using a domain or Microsoft Entra account could potentially compromise confidential information.
 
-#### Configs 
+#### Configs
 
-Under **Configs**, define which user account will be associated with the profile. When this user account signs in on the device, the associated assigned access profile will be enforced. This behavior includes the allowed apps, Start layout, taskbar configuration, and other local group policies or mobile device management (MDM) policies set as part of the multi-app experience. 
+Under **Configs**, define which user account will be associated with the profile. When this user account signs in on the device, the associated assigned access profile will be enforced. This behavior includes the allowed apps, Start layout, taskbar configuration, and other local group policies or mobile device management (MDM) policies set as part of the multi-app experience.
 
-The full multi-app assigned access experience can only work for non-admin users. It's not supported to associate an admin user with the assigned access profile. Making this configuration in the XML file will result in unexpected or unsupported experiences when this admin user signs in. 
+The full multi-app assigned access experience can only work for non-admin users. It's not supported to associate an admin user with the assigned access profile. Making this configuration in the XML file will result in unexpected or unsupported experiences when this admin user signs in.
 
-You can assign: 
+You can assign:
 
 - [A local standard user account that signs in automatically](#config-for-autologon-account) (Applies to Windows 10, version 1803 only)
 - [An individual account, which can be local, domain, or Microsoft Entra ID](#config-for-individual-accounts)
-- [A group account, which can be local, Active Directory (domain), or Microsoft Entra ID](#config-for-group-accounts) (Applies to Windows 10, version 1803 only). 
+- [A group account, which can be local, Active Directory (domain), or Microsoft Entra ID](#config-for-group-accounts) (Applies to Windows 10, version 1803 only).
 
 > [!NOTE]
-> Configs that specify group accounts cannot use a kiosk profile, only a lockdown profile. If a group is configured to a kiosk profile, the CSP will reject the request. 
+> Configs that specify group accounts cannot use a kiosk profile, only a lockdown profile. If a group is configured to a kiosk profile, the CSP will reject the request.
 
-##### Config for AutoLogon Account 
+##### Config for AutoLogon Account
 
-When you use `<AutoLogonAccount>` and the configuration is applied to a device, the specified account (managed by Assigned Access) is created on the device as a local standard user account. The specified account is signed in automatically after restart. 
+When you use `<AutoLogonAccount>` and the configuration is applied to a device, the specified account (managed by Assigned Access) is created on the device as a local standard user account. The specified account is signed in automatically after restart.
 
-The following example shows how to specify an account to sign in automatically. 
+The following example shows how to specify an account to sign in automatically.
 
 ```xml
 <Configs>
@@ -235,9 +230,9 @@ The following example shows how to specify an account to sign in automatically.
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
 </Configs>
-``` 
+```
 
-Starting with Windows 10 version 1809, you can configure the display name that will be shown when the user signs in. The following example shows how to create an AutoLogon Account that shows the name "Hello World". 
+Starting with Windows 10 version 1809, you can configure the display name that will be shown when the user signs in. The following example shows how to create an AutoLogon Account that shows the name "Hello World".
 
 ```xml
 <Configs>
@@ -246,28 +241,28 @@ Starting with Windows 10 version 1809, you can configure the display name that w
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
 </Configs>
-``` 
+```
 
-On domain-joined devices, local user accounts aren't shown on the sign-in screen by default. To show the **AutoLogonAccount** on the sign-in screen, enable the following Group Policy setting: **Computer Configuration > Administrative Templates > System > Logon > Enumerate local users on domain-joined computers**. (The corresponding MDM policy setting is [WindowsLogon/EnumerateLocalUsersOnDomainJoinedComputers in the Policy CSP](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-enumeratelocalusersondomainjoinedcomputers).) 
+On domain-joined devices, local user accounts aren't shown on the sign-in screen by default. To show the **AutoLogonAccount** on the sign-in screen, enable the following Group Policy setting: **Computer Configuration > Administrative Templates > System > Logon > Enumerate local users on domain-joined computers**. (The corresponding MDM policy setting is [WindowsLogon/EnumerateLocalUsersOnDomainJoinedComputers in the Policy CSP](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-enumeratelocalusersondomainjoinedcomputers).)
 
 >[!IMPORTANT]
->When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature does not work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon). 
+>When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature does not work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon).
 
-##### Config for individual accounts 
+##### Config for individual accounts
 
-Individual accounts are specified using `<Account>`. 
+Individual accounts are specified using `<Account>`.
 
 - Local account can be entered as `machinename\account` or `.\account` or just `account`.
 - Domain account should be entered as `domain\account`.
-- Microsoft Entra account must be specified in this format: `AzureAD\{email address}`. **AzureAD** must be provided _as is_, and consider it's a fixed domain name. Then follow with the Microsoft Entra ID email address. For example, `AzureAD\someone@contoso.onmicrosoft.com` 
+- Microsoft Entra account must be specified in this format: `AzureAD\{email address}`. **AzureAD** must be provided _as is_, and consider it's a fixed domain name. Then follow with the Microsoft Entra ID email address. For example, `AzureAD\someone@contoso.onmicrosoft.com`
 
 > [!WARNING]
-> Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account.  However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so. 
+> Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account.  However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so.
 
-Before applying the multi-app configuration, make sure the specified user account is available on the device, otherwise it will fail. 
+Before applying the multi-app configuration, make sure the specified user account is available on the device, otherwise it will fail.
 
 > [!NOTE]
-> For both domain and Microsoft Entra accounts, it's not required that target account is explicitly added to the device. As long as the device is AD-joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access. 
+> For both domain and Microsoft Entra accounts, it's not required that target account is explicitly added to the device. As long as the device is AD-joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access.
 
 ```xml
 <Configs>
@@ -276,132 +271,132 @@ Before applying the multi-app configuration, make sure the specified user accoun
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
 </Configs>
-``` 
+```
 
-##### Config for group accounts 
+##### Config for group accounts
 
-Group accounts are specified using `<UserGroup>`. Nested groups aren't supported. For example, if user A is member of Group 1, Group 1 is member of Group 2, and Group 2 is used in `<Config/>`, user A won't have the kiosk experience. 
+Group accounts are specified using `<UserGroup>`. Nested groups aren't supported. For example, if user A is member of Group 1, Group 1 is member of Group 2, and Group 2 is used in `<Config/>`, user A won't have the kiosk experience.
 
-- Local group: Specify the group type as **LocalGroup** and put the group name in Name attribute. Any Microsoft Entra accounts that are added to the local group won't have the kiosk settings applied. 
+- Local group: Specify the group type as **LocalGroup** and put the group name in Name attribute. Any Microsoft Entra accounts that are added to the local group won't have the kiosk settings applied.
 
   ```xml
   <Config>
     <UserGroup Type="LocalGroup" Name="mygroup" />
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
-  ``` 
+  ```
 
-- Domain group: Both security and distribution groups are supported. Specify the group type as <strong>ActiveDirectoryGroup</strong>. Use the domain name as the prefix in the name attribute. 
+- Domain group: Both security and distribution groups are supported. Specify the group type as <strong>ActiveDirectoryGroup</strong>. Use the domain name as the prefix in the name attribute.
 
   ```xml
   <Config>
     <UserGroup Type="ActiveDirectoryGroup" Name="mydomain\mygroup" />
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
-  ``` 
+  ```
 
-- Microsoft Entra group: Use the group object ID from the Azure portal to uniquely identify the group in the Name attribute. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as **AzureActiveDirectoryGroup**. The kiosk device must have internet connectivity when users that belong to the group sign-in. 
+- Microsoft Entra group: Use the group object ID from the Azure portal to uniquely identify the group in the Name attribute. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as **AzureActiveDirectoryGroup**. The kiosk device must have internet connectivity when users that belong to the group sign-in.
 
   ```xml
   <Config>
     <UserGroup Type="AzureActiveDirectoryGroup" Name="a8d36e43-4180-4ac5-a627-fb8149bba1ac" />
     <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
   </Config>
-  ``` 
+  ```
 
   > [!NOTE]
-  > If a Microsoft Entra group is configured with a lockdown profile on a device, a user in the Microsoft Entra group must change their password (after the account has been created with default password on the portal) before they can sign in to this device. If the user uses the default password to sign in to the device, the user will be immediately signed out. 
+  > If a Microsoft Entra group is configured with a lockdown profile on a device, a user in the Microsoft Entra group must change their password (after the account has been created with default password on the portal) before they can sign in to this device. If the user uses the default password to sign in to the device, the user will be immediately signed out.
 
-<span id="add-xml" /> 
+<span id="add-xml" />
 
-## Configure a kiosk using WMI Bridge 
+## Configure a kiosk using WMI Bridge
 
-Environments that use [Windows Management Instrumentation (WMI)](/windows/win32/wmisdk/wmi-start-page) can use the [MDM Bridge WMI Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal) to configure the MDM_AssignedAccess class. 
+Environments that use [Windows Management Instrumentation (WMI)](/windows/win32/wmisdk/wmi-start-page) can use the [MDM Bridge WMI Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal) to configure the MDM_AssignedAccess class.
 
-Here's an example of how to set AssignedAccess configuration: 
+Here's an example of how to set AssignedAccess configuration:
 
-1. Download the [psexec tool](/sysinternals/downloads/psexec).  
+1. Download the [psexec tool](/sysinternals/downloads/psexec).
 
 1. Using an elevated command prompt, run `psexec.exe -i -s cmd.exe`.
 1. In the command prompt launched by psexec.exe, enter `powershell.exe` to open PowerShell.
-1. Save the following Powershell excerpt as a PowerShell script (.ps1), replacing the placeholder "your XML here" with the [Sample Assigned Access XML](#sample-assigned-access-xml) then run the script at the Powershell prompt from the previous step. 
+1. Save the following Powershell excerpt as a PowerShell script (.ps1), replacing the placeholder "your XML here" with the [Sample Assigned Access XML](#sample-assigned-access-xml) then run the script at the Powershell prompt from the previous step.
 
 ```powershell
 $eventLogFilterHashTable = @{
     ProviderName = "Microsoft-Windows-AssignedAccess";
     StartTime    = Get-Date -Millisecond 0
-} 
+}
 
 $namespaceName="root\cimv2\mdm\dmmap"
 $className="MDM_AssignedAccess"
 $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
-$obj.Configuration = [System.Net.WebUtility]::HtmlEncode(@" 
+$obj.Configuration = [System.Net.WebUtility]::HtmlEncode(@"
 
 <your XML here>
-    
 
-"@) 
+
+"@)
 
 $obj = Set-CimInstance -CimInstance $obj -ErrorVariable cimSetError -ErrorAction SilentlyContinue
 if($cimSetError) {
     Write-Output "An ERROR occurred. Displaying error record and attempting to retrieve error logs...`n"
-    Write-Error -ErrorRecord $cimSetError[0] 
+    Write-Error -ErrorRecord $cimSetError[0]
 
     $timeout = New-TimeSpan -Seconds 30
     $stopwatch = [System.Diagnostics.Stopwatch]::StartNew()
     do{
         $events = Get-WinEvent -FilterHashtable $eventLogFilterHashTable -ErrorAction Ignore
     } until ($events.Count -or $stopwatch.Elapsed -gt $timeout) # wait for the log to be available
-    
+
 
     if($events.Count) {
-        $events | ForEach-Object { 
+        $events | ForEach-Object {
 
-            Write-Output "$($_.TimeCreated) [$($_.LevelDisplayName.ToUpper())] $($_.Message -replace "`n|`r")" 
+            Write-Output "$($_.TimeCreated) [$($_.LevelDisplayName.ToUpper())] $($_.Message -replace "`n|`r")"
 
         }
     } else {
         Write-Warning "Timed-out attempting to retrieve event logs..."
-    } 
+    }
 
     Exit 1
-} 
+}
 
 Write-Output "Successfully applied Assigned Access configuration"
-``` 
+```
 
-## Sample Assigned Access XML 
+## Sample Assigned Access XML
 
-This section contains a predefined XML file which can be used as a quickstart to get familiar with the Assigned Access multi-app kiosk feature on Windows 11. 
+This section contains a predefined XML file which can be used as a quickstart to get familiar with the Assigned Access multi-app kiosk feature on Windows 11.
 
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
-<AssignedAccessConfiguration  
+<AssignedAccessConfiguration
 
-  xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config" 
+  xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
 
   xmlns:win11="http://schemas.microsoft.com/AssignedAccess/2022/config">
   <Profiles>
-    <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">       
+    <Profile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}">
 
       <AllAppsList>
-        <AllowedApps> 
+        <AllowedApps>
 
-          <App AppUserModelId="Microsoft.Windows.Photos_8wekyb3d8bbwe!App" /> 
+          <App AppUserModelId="Microsoft.Windows.Photos_8wekyb3d8bbwe!App" />
 
-          <App AppUserModelId="Microsoft.BingWeather_8wekyb3d8bbwe!App" /> 
+          <App AppUserModelId="Microsoft.BingWeather_8wekyb3d8bbwe!App" />
 
           <App AppUserModelId="Microsoft.WindowsCalculator_8wekyb3d8bbwe!App" />
           <App DesktopAppPath="C:\Windows\system32\cmd.exe" />
           <App DesktopAppPath="%windir%\System32\WindowsPowerShell\v1.0\Powershell.exe" />
-          <App DesktopAppPath="%windir%\explorer.exe" /> 
+          <App DesktopAppPath="%windir%\explorer.exe" />
 
-        </AllowedApps> 
+        </AllowedApps>
 
-      </AllAppsList> 
+      </AllAppsList>
 
       <win11:StartPins>
-        <![CDATA[  
+        <![CDATA[
 
           { "pinnedList":[
             {"packagedAppId":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"},
@@ -414,7 +409,7 @@ This section contains a predefined XML file which can be used as a quickstart to
         ]]>
       </win11:StartPins>
       <Taskbar ShowTaskbar="true"/>
-    </Profile> 
+    </Profile>
 
   </Profiles>
   <Configs>
@@ -423,6 +418,6 @@ This section contains a predefined XML file which can be used as a quickstart to
       <DefaultProfile Id="{9A2A490F-10F6-4764-974A-43B19E722C23}"/>
     </Config>
   </Configs>
-</AssignedAccessConfiguration> 
+</AssignedAccessConfiguration>
 
 ```
diff --git a/windows/configuration/kiosk/lockdown-features-windows-10.md b/windows/configuration/kiosk/lockdown-features-windows-10.md
index fc124c8ea3..c2a79ce4ea 100644
--- a/windows/configuration/kiosk/lockdown-features-windows-10.md
+++ b/windows/configuration/kiosk/lockdown-features-windows-10.md
@@ -2,15 +2,13 @@
 title: Lockdown features from Windows Embedded 8.1 Industry
 description: Many of the lockdown features available in Windows Embedded 8.1 Industry have been modified in some form for Windows 10.
 ms.topic: article 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 ms.date: 12/31/2017
 --- 
 
 # Lockdown features from Windows Embedded 8.1 Industry 
 
-**Applies to** 
-
-- Windows 10 
 
 Many of the lockdown features available in Windows Embedded 8.1 Industry have been modified in some form for Windows 10. This table maps Windows Embedded Industry 8.1 features to Windows 10 Enterprise features, along with links to documentation. 
 
diff --git a/windows/configuration/kiosk/setup-digital-signage.md b/windows/configuration/kiosk/setup-digital-signage.md
index 61b5f99dbf..a6134643ce 100644
--- a/windows/configuration/kiosk/setup-digital-signage.md
+++ b/windows/configuration/kiosk/setup-digital-signage.md
@@ -1,18 +1,11 @@
 ---
-title: Set up digital signs on Windows 10/11
+title: Set up digital signs on Windows
 description: A single-use device such as a digital sign is easy to set up in Windows 10 and Windows 11 (Pro, Enterprise, and Education).
-ms.reviewer: sybruckm 
-
 ms.date: 09/20/2021
 ms.topic: article
 --- 
 
-# Set up digital signs on Windows 10/11 
-
-**Applies to** 
-
-- Windows 10 Pro, Enterprise, and Education
-- Windows 11 
+# Set up digital signs
 
 Digital signage can be a useful and exciting business tool. Use digital signs to showcase your products and services, to display testimonials, or to advertise promotions and campaigns. A digital sign can be a static display, such as a building directory or menu, or it can be dynamic, such as repeating videos or a social media feed.  
 
diff --git a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
index 5e2ce4c248..2aed74c0c3 100644
--- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
+++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
@@ -3,16 +3,11 @@ title: Configuration service providers for IT pros (Windows 10/11)
 description: Describes how IT pros and system administrators can use configuration service providers (CSPs) to configure devices.
 ms.reviewer: gkomatsu
 ms.topic: article 
-
 ms.date: 12/31/2017
 --- 
 
-# Configuration service providers for IT pros 
+# Configuration service providers for IT pros
 
-**Applies to** 
-
-- Windows 10
-- Windows 11 
 
 This article explains how IT pros and system administrators can take advantage of many settings available through configuration service providers (CSPs) to configure devices running Windows client in their organizations. CSPs expose device configuration settings in Windows client. The CSPs are used by mobile device management (MDM) service providers and are documented in the [Hardware Dev Center](/windows/client-management/mdm/configuration-service-provider-reference). 
 
@@ -74,7 +69,7 @@ The [CSP reference](/windows/client-management/mdm/configuration-service-provide
 
 The documentation for each CSP follows the same structure. After an introduction that explains the purpose of the CSP, a diagram shows the parts of the CSP in tree format. 
 
-The full path to a specific configuration setting is represented by its Open Mobile Alliance - Uniform Resource Identifier (OMA-URI). The URI is relative to the devices’ root node (MSFT, for example). Features supported by a particular CSP can be set by addressing the complete OMA-URI path. 
+The full path to a specific configuration setting is represented by its Open Mobile Alliance - Uniform Resource Identifier (OMA-URI). The URI is relative to the devices' root node (MSFT, for example). Features supported by a particular CSP can be set by addressing the complete OMA-URI path. 
 
 The following example shows the diagram for the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). The diagram maps to the XML for that CSP. Notice the different shapes in the diagram: rounded elements are nodes, and rectangular elements are settings or policies for which a value must be supplied. 
 
diff --git a/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md b/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md
index 7a4fda4dd0..0dcceb4ac5 100644
--- a/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md
+++ b/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md
@@ -3,34 +3,25 @@ title: Provision PCs with common settings (Windows 10/11)
 description: Create a provisioning package to apply common settings to a PC running Windows 10.
 ms.reviewer: gkomatsu
 ms.topic: article 
-
 ms.date: 12/31/2017
 --- 
 
 # Provision PCs with common settings for initial deployment (desktop wizard) 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 This topic explains how to create and apply a provisioning package that contains common enterprise settings to a device running all desktop editions of Windows client except Home. 
 
 You can apply a provisioning package on a USB drive to off-the-shelf devices during setup, making it fast and easy to configure new devices.  
 
 ## Advantages
-- You can configure new devices without reimaging. 
 
-- Works on desktop devices. 
-
-- No network connectivity required. 
-
-- Simple to apply. 
+- You can configure new devices without reimaging
+- Works on desktop devices
+- No network connectivity required
+- Simple to apply
 
 [Learn more about the benefits and uses of provisioning packages.](provisioning-packages.md) 
 
-## What does the desktop wizard do? 
+## What does the desktop wizard do?
 
 The desktop wizard helps you configure the following settings in a provisioning package: 
 
@@ -38,13 +29,10 @@ The desktop wizard helps you configure the following settings in a provisioning
 - Upgrade product edition
 - Configure the device for shared use
 - Remove pre-installed software
-- Configure Wi-Fi network 
-
-- Enroll device in Active Directory or Microsoft Entra ID 
-
-- Create local administrator account 
-
-- Add applications and certificates 
+- Configure Wi-Fi network
+- Enroll device in Active Directory or Microsoft Entra ID
+- Create local administrator account
+- Add applications and certificates
 
 >[!WARNING]
 >You must run Windows Configuration Designer on Windows client to configure Microsoft Entra enrollment using any of the wizards. 
diff --git a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
index 290927af87..a377fb607a 100644
--- a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
+++ b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
@@ -1,7 +1,6 @@
 ---
-title: Provision PCs with apps  (Windows 10/11)
+title: Provision PCs with apps
 description: Learn how to install multiple Universal Windows Platform (UWP) apps and Windows desktop applications (Win32) in a provisioning package. 
-
 ms.topic: article
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
@@ -9,13 +8,6 @@ ms.date: 12/31/2017
 
 # Provision PCs with apps  
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
-
 You can install multiple Universal Windows Platform (UWP) apps and Windows desktop applications (Win32) in a provisioning package. This article explains the various settings in [Windows Configuration Designer](provisioning-install-icd.md) for app install. 
 
 When you add an app in a Windows Configuration Designer wizard, the appropriate settings are displayed based on the app that you select. For instructions on adding an app using the advanced editor in Windows Configuration Designer, see [Add an app using advanced editor](#adv). 
@@ -27,7 +19,7 @@ When you add an app in a Windows Configuration Designer wizard, the appropriate
 
 - **License Path**: Specify the license file if it is an app from the Microsoft Store. This is optional if you have a certificate for the app.  
 
-- **Package family name**: Specify the package family name if you don’t specify a license. This field will be autopopulated after you specify a license.  
+- **Package family name**: Specify the package family name if you don't specify a license. This field will be autopopulated after you specify a license.  
 
 - **Required appx dependencies**: Specify the appx dependency packages that are required for the installation of the app  
 
diff --git a/windows/configuration/provisioning-packages/provisioning-apply-package.md b/windows/configuration/provisioning-packages/provisioning-apply-package.md
index b015e76b55..715a398ddc 100644
--- a/windows/configuration/provisioning-packages/provisioning-apply-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-apply-package.md
@@ -2,18 +2,11 @@
 title: Apply a provisioning package (Windows 10/11)
 description: Provisioning packages can be applied to a device during initial setup (OOBE) and after (runtime).
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
 
-# Apply a provisioning package 
-
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
+# Apply a provisioning package
 
 Provisioning packages can be applied to a device during initial setup (out-of-box experience or "OOBE") and after ("runtime"). 
 
diff --git a/windows/configuration/provisioning-packages/provisioning-command-line.md b/windows/configuration/provisioning-packages/provisioning-command-line.md
index 98aff52052..ee14a82644 100644
--- a/windows/configuration/provisioning-packages/provisioning-command-line.md
+++ b/windows/configuration/provisioning-packages/provisioning-command-line.md
@@ -2,19 +2,12 @@
 title: Windows Configuration Designer command-line interface (Windows 10/11)
 description: Learn more about the ICD syntax, switches, and arguments that you can use in the Windows Configuration Designer command-line interface for Windows10/11 client devices.
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
 
 # Windows Configuration Designer command-line interface (reference) 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 You can use the Windows Configuration Designer command-line interface (CLI) to automate the building of provisioning packages.  
 
 - IT pros can use the Windows Configuration Designer CLI to require less retooling of existing processes. You must run the Windows Configuration Designer CLI from a command window with administrator privileges. 
diff --git a/windows/configuration/provisioning-packages/provisioning-create-package.md b/windows/configuration/provisioning-packages/provisioning-create-package.md
index cb8967800a..2fe3d0c0cf 100644
--- a/windows/configuration/provisioning-packages/provisioning-create-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-create-package.md
@@ -2,7 +2,6 @@
 title: Create a provisioning package (Windows 10/11)
 description: Learn how to create a provisioning package for Windows 10/11, which lets you quickly configure a device without having to install a new image.
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
@@ -10,11 +9,6 @@ ms.date: 12/31/2017
 # Create a provisioning package 
 
 
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 You can use Windows Configuration Designer to create a provisioning package (`.ppkg`) that contains customization settings, and then apply the provisioning package to a device running Windows client. 
 
 >[Learn how to install Windows Configuration Designer.](provisioning-install-icd.md) 
diff --git a/windows/configuration/provisioning-packages/provisioning-how-it-works.md b/windows/configuration/provisioning-packages/provisioning-how-it-works.md
index 89e2bc9fab..95888595a0 100644
--- a/windows/configuration/provisioning-packages/provisioning-how-it-works.md
+++ b/windows/configuration/provisioning-packages/provisioning-how-it-works.md
@@ -2,19 +2,12 @@
 title: How provisioning works in Windows 10/11
 description: Learn more about how provisioning package work on Windows client devices. A provisioning package (.ppkg) is a container for a collection of configuration settings.
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
 
 # How provisioning works in Windows 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 Provisioning packages in Windows client provide IT administrators with a simplified way to apply configuration settings to Windows client devices. Windows Configuration Designer is a tool that makes it easy to create a provisioning package. Windows Configuration Designer can be installed from <!-- the [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit) or through the --> Microsoft Store. 
 
 ## Provisioning packages 
diff --git a/windows/configuration/provisioning-packages/provisioning-install-icd.md b/windows/configuration/provisioning-packages/provisioning-install-icd.md
index c5318fcbc6..a2d3578dc9 100644
--- a/windows/configuration/provisioning-packages/provisioning-install-icd.md
+++ b/windows/configuration/provisioning-packages/provisioning-install-icd.md
@@ -8,12 +8,6 @@ ms.date: 12/31/2017
 
 # Install Windows Configuration Designer, and learn about any limitations 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily used by IT departments for business and educational institutions who need to provision bring-your-own-device (BYOD) and business-supplied devices. 
 
 ## Supported platforms 
diff --git a/windows/configuration/provisioning-packages/provisioning-packages.md b/windows/configuration/provisioning-packages/provisioning-packages.md
index 5e87c3d5d5..9afeb7d6b5 100644
--- a/windows/configuration/provisioning-packages/provisioning-packages.md
+++ b/windows/configuration/provisioning-packages/provisioning-packages.md
@@ -6,12 +6,7 @@ ms.topic: article
 ms.date: 12/31/2017
 --- 
 
-# Provisioning packages for Windows 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
+# Provisioning packages for Windows
 
 Windows provisioning makes it easy for IT administrators to configure end-user devices without imaging. When you use Windows provisioning, an IT administrator can easily specify the desired configuration and settings required to enroll the devices into management. Then, apply that configuration to target devices in a matter of minutes. It's best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers.  
 
@@ -63,15 +58,15 @@ The following table describes settings that you can configure using the wizards
 
 | Step | Description | Desktop wizard | Kiosk wizard | HoloLens wizard |
 | --- | --- | --- | --- | --- |
-| Set up device | Assign device name, enter product key to upgrade Windows, configure shared use, remove pre-installed software | ✔️ | ✔️ | ✔️ |
-| Set up network | Connect to a Wi-Fi network | ✔️ | ✔️ | ✔️ |
-| Account management | Enroll device in Active Directory, enroll device in Microsoft Entra ID, or create a local administrator account | ✔️ | ✔️ | ✔️ |
-| Bulk Enrollment in Microsoft Entra ID | Enroll device in Microsoft Entra ID using Bulk Token</br></br> [Set up Microsoft Entra join in your organization](/azure/active-directory/active-directory-azureadjoin-setup), before you use Windows Configuration Designer wizard to configure bulk Microsoft Entra enrollment. | ✔️ | ✔️ | ✔️ |
-| Add applications | Install applications using the provisioning package.  | ✔️ | ✔️ | ❌ |
-| Add certificates | Include a certificate file in the provisioning package. | ✔️ | ✔️ | ✔️ |
-| Configure kiosk account and app | Create local account to run the kiosk mode app, specify the app to run in kiosk mode | ❌ | ✔️ | ❌ |
-| Configure kiosk common settings | Set tablet mode, configure welcome and shutdown screens, turn off timeout settings | ❌ | ✔️ | ❌ |
-| Developer Setup | Enable Developer Mode  | ❌ | ❌ | ✔️ | 
+| Set up device | Assign device name, enter product key to upgrade Windows, configure shared use, remove pre-installed software | ✅ | ✅ | ✅ |
+| Set up network | Connect to a Wi-Fi network | ✅ | ✅ | ✅ |
+| Account management | Enroll device in Active Directory, enroll device in Microsoft Entra ID, or create a local administrator account | ✅ | ✅ | ✅ |
+| Bulk Enrollment in Microsoft Entra ID | Enroll device in Microsoft Entra ID using Bulk Token</br></br> [Set up Microsoft Entra join in your organization](/azure/active-directory/active-directory-azureadjoin-setup), before you use Windows Configuration Designer wizard to configure bulk Microsoft Entra enrollment. | ✅ | ✅ | ✅ |
+| Add applications | Install applications using the provisioning package.  | ✅ | ✅ | ❌ |
+| Add certificates | Include a certificate file in the provisioning package. | ✅ | ✅ | ✅ |
+| Configure kiosk account and app | Create local account to run the kiosk mode app, specify the app to run in kiosk mode | ❌ | ✅ | ❌ |
+| Configure kiosk common settings | Set tablet mode, configure welcome and shutdown screens, turn off timeout settings | ❌ | ✅ | ❌ |
+| Developer Setup | Enable Developer Mode  | ❌ | ❌ | ✅ | 
 
 - [Instructions for the desktop wizard](provision-pcs-for-initial-deployment.md)
 - [Instructions for the kiosk wizard](../kiosk-single-app.md#wizard)
diff --git a/windows/configuration/provisioning-packages/provisioning-powershell.md b/windows/configuration/provisioning-packages/provisioning-powershell.md
index 12f901538f..4b73e5ee64 100644
--- a/windows/configuration/provisioning-packages/provisioning-powershell.md
+++ b/windows/configuration/provisioning-packages/provisioning-powershell.md
@@ -9,12 +9,6 @@ ms.date: 12/31/2017
 
 # PowerShell cmdlets for provisioning Windows client (reference) 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 Windows client includes Provisioning PowerShell cmdlets. These cmdlets make it easy to script the following functions. 
 
 ## cmdlets 
diff --git a/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md b/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md
index 55921ffd19..84e3d393cd 100644
--- a/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md
+++ b/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md
@@ -2,24 +2,17 @@
 title: Use a script to install a desktop app in provisioning packages (Windows 10/11)
 description: With Windows 10/11, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image.
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
 
 # Use a script to install a desktop app in provisioning packages 
 
-
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 This walkthrough describes how to include scripts in a Windows client provisioning package to install Win32 applications. Scripted operations other than installing apps can also be performed. However, some care is needed to avoid unintended behavior during script execution (see [Remarks](#remarks) below). 
 
 ## Assemble the application assets 
 
-1. On the device where you’re authoring the package, place all of your assets in a known location. Each asset must have a unique filename, because all files will be copied to the same temp directory on the device. It’s common for many apps to have an installer called ‘install.exe’ or similar, and there may be name overlap because of that. To fix this, you can use the technique described in the next step to include a complete directory structure that is then expanded into the temp directory on the device. The most common use for this would be to include a subdirectory for each application.  
+1. On the device where you're authoring the package, place all of your assets in a known location. Each asset must have a unique filename, because all files will be copied to the same temp directory on the device. It's common for many apps to have an installer called 'install.exe' or similar, and there may be name overlap because of that. To fix this, you can use the technique described in the next step to include a complete directory structure that is then expanded into the temp directory on the device. The most common use for this would be to include a subdirectory for each application.  
 
 2. If you need to include a directory structure of files, you will need to cab the assets for easy inclusion in the provisioning packages. 
 
@@ -108,7 +101,7 @@ This walkthrough describes how to include scripts in a Windows client provisioni
 
 Create a script to perform whatever work is needed to install the application(s). The following examples are provided to help get started authoring the orchestrator script that will execute the required installers. In practice, the orchestrator script may reference many more assets than those in these examples. 
 
-You don’t need to create an orchestrator script. You can have one command line per app. If necessary, you can create a script that logs the output per app, as mentioned below (rather than one orchestrator script for the entire provisioning package).  
+You don't need to create an orchestrator script. You can have one command line per app. If necessary, you can create a script that logs the output per app, as mentioned below (rather than one orchestrator script for the entire provisioning package).  
 
 >[!NOTE]
 >All actions performed by the script must happen silently, showing no UI and requiring no user interaction.
@@ -117,7 +110,7 @@ You don’t need to create an orchestrator script. You can have one command line
 
 ### Debugging example  
 
-Granular logging is not built in, so the logging must be built into the script itself. Here is an example script that logs ‘Hello World’ to a logfile. When run on the device, the logfile will be available after provisioning is completed. As you will see in the following examples, it’s recommended that you log each action that your script performs. 
+Granular logging is not built in, so the logging must be built into the script itself. Here is an example script that logs 'Hello World' to a logfile. When run on the device, the logfile will be available after provisioning is completed. As you will see in the following examples, it's recommended that you log each action that your script performs. 
 
 ```log
 set LOGFILE=%SystemDrive%\HelloWorld.log
@@ -181,7 +174,7 @@ Your provisioning package can include multiple **CommandFiles**.
 
 You are allowed one **CommandLine** per provisioning package. The batch files shown above are orchestrator scripts that manage the installation and call any other scripts included in the provisioning package. The orchestrator script is what should be invoked from the **CommandLine** specified in the package.  
 
-Here’s a table describing this relationship, using the PowerShell example from above: 
+Here's a table describing this relationship, using the PowerShell example from above: 
 
  
 
@@ -233,7 +226,7 @@ When you are done, [build the package](provisioning-create-package.md#build-pack
     2. For packages added by double-clicking on an already deployed device, this will be in the temp folder for the user executing the provisioning package: `%TMP%\ProvisioningPkgTmp\<{PackageIdGuid}>\Commands\0` 
 
 5. The command line will be executed with the directory the CommandFiles were deployed to as the working directory. This means you do not need to specific the full path to assets in the command line or from within any script.
-6. The runtime provisioning component will attempt to run the scripts from the provisioning package at the earliest point possible, depending on the stage when the PPKG was added. For example, if the package was added during the Out-of-Box Experience, it will be run immediately after the package is applied, while the out of box experience is still happening. This is before the user account configuration options are presented to the user. A spinning progress dialog will appear and “please wait” will be displayed on the screen.  
+6. The runtime provisioning component will attempt to run the scripts from the provisioning package at the earliest point possible, depending on the stage when the PPKG was added. For example, if the package was added during the Out-of-Box Experience, it will be run immediately after the package is applied, while the out of box experience is still happening. This is before the user account configuration options are presented to the user. A spinning progress dialog will appear and "please wait" will be displayed on the screen.  
 
     >[!NOTE]
     >There is a timeout of 30 minutes for the provisioning process at this point. All scripts and installs need to complete within this time. 
diff --git a/windows/configuration/provisioning-packages/provisioning-uninstall-package.md b/windows/configuration/provisioning-packages/provisioning-uninstall-package.md
index 30810671b9..6f332256d0 100644
--- a/windows/configuration/provisioning-packages/provisioning-uninstall-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-uninstall-package.md
@@ -2,7 +2,6 @@
 title: Uninstall a provisioning package - reverted settings (Windows 10/11)
 description: This article lists the settings that are reverted when you uninstall a provisioning package on Windows 10/11 desktop client devices.
 ms.topic: article 
-
 ms.reviewer: gkomatsu
 ms.date: 12/31/2017
 --- 
@@ -10,11 +9,6 @@ ms.date: 12/31/2017
 # Settings changed when you uninstall a provisioning package 
 
 
-**Applies to** 
-
-- Windows 10
-- Windows 11 
-
 When you uninstall a provisioning package, only certain settings are revertible. This article lists the settings that are reverted when you uninstall a provisioning package. 
 
 
diff --git a/windows/configuration/shared-pc/set-up-shared-or-guest-pc.md b/windows/configuration/shared-pc/set-up-shared-or-guest-pc.md
index d2c272d271..3e05af5803 100644
--- a/windows/configuration/shared-pc/set-up-shared-or-guest-pc.md
+++ b/windows/configuration/shared-pc/set-up-shared-or-guest-pc.md
@@ -3,13 +3,6 @@ title: Set up a shared or guest Windows device
 description: Description of how to configured Shared PC mode, which is a Windows feature that optimizes devices for shared use scenarios.
 ms.date: 11/08/2023
 ms.topic: how-to
-author: paolomatarazzo
-ms.author: paoloma
-appliesto: 
-
-  - ✅ <b>Windows 10</b>
-  - ✅ <b>Windows 11</b>
-  - ✅ <b>Windows 11 SE</b>
 --- 
 
 # Set up a shared or guest Windows device 
diff --git a/windows/configuration/shared-pc/shared-devices-concepts.md b/windows/configuration/shared-pc/shared-devices-concepts.md
index 37192c9596..1a5a943367 100644
--- a/windows/configuration/shared-pc/shared-devices-concepts.md
+++ b/windows/configuration/shared-pc/shared-devices-concepts.md
@@ -3,13 +3,6 @@ title: Manage multi-user and guest Windows devices
 description: options to optimize Windows devices used in shared scenarios, such touchdown spaces in an enterprise, temporary customer use in retail or shared devices in a school.
 ms.date: 11/08/2023
 ms.topic: concept-article
-author: paolomatarazzo
-ms.author: paoloma
-appliesto: 
-
-  - ✅ <b>Windows 10</b>
-  - ✅ <b>Windows 11</b>
-  - ✅ <b>Windows 11 SE</b>
 --- 
 
 # Manage multi-user and guest Windows devices with Shared PC 
diff --git a/windows/configuration/shared-pc/shared-pc-technical.md b/windows/configuration/shared-pc/shared-pc-technical.md
index 367f472378..623303a671 100644
--- a/windows/configuration/shared-pc/shared-pc-technical.md
+++ b/windows/configuration/shared-pc/shared-pc-technical.md
@@ -3,13 +3,6 @@ title: Shared PC technical reference
 description: List of policies and settings applied by the Shared PC options.
 ms.date: 11/08/2023
 ms.topic: reference
-author: paolomatarazzo
-ms.author: paoloma
-appliesto: 
-
-  - ✅ <b>Windows 10</b>
-  - ✅ <b>Windows 11</b>
-  - ✅ <b>Windows 11 SE</b>
 --- 
 
 # Shared PC technical reference 
diff --git a/windows/configuration/start/customize-and-export-start-layout.md b/windows/configuration/start/customize-and-export-start-layout.md
index ca8904f3f8..24ca43f4cb 100644
--- a/windows/configuration/start/customize-and-export-start-layout.md
+++ b/windows/configuration/start/customize-and-export-start-layout.md
@@ -2,17 +2,14 @@
 title: Customize and export Start layout
 description: The easiest method for creating a customized Start layout is to set up the Start screen and export the layout.
 ms.topic: how-to 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 ms.date: 08/18/2023
 ms.collection:
  - tier1
 --- 
 
-# Customize and export Start layout 
-
-**Applies to**: 
-
-- Windows 10 
+# Customize and export Start layout
 
 >**Looking for consumer information?** See [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) 
 
diff --git a/windows/configuration/start/customize-start-menu-layout-windows-11.md b/windows/configuration/start/customize-start-menu-layout-windows-11.md
index 193aea9509..76a499b631 100644
--- a/windows/configuration/start/customize-start-menu-layout-windows-11.md
+++ b/windows/configuration/start/customize-start-menu-layout-windows-11.md
@@ -1,16 +1,13 @@
 ---
 title: Add or remove pinned apps on the Start menu in Windows 11
 description: Export Start layout to LayoutModification.json with pinned apps, and add or remove pinned apps. Use the JSON text in an MDM policy to deploy a custom Start menu layout to Windows 11 devices.
-ms.reviewer: ericpapa
 ms.date: 01/10/2023
 ms.topic: article
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 --- 
 
-# Customize the Start menu layout on Windows 11 
-
-**Applies to**: 
-
-- Windows 11 
+# Customize the Start menu layout on Windows 11
 
 > **Looking for OEM information?** See [Customize the Taskbar](/windows-hardware/customize/desktop/customize-the-windows-11-taskbar) and [Customize the Start layout](/windows-hardware/customize/desktop/customize-the-windows-11-start-menu). 
 
diff --git a/windows/configuration/start/customize-windows-10-start-screens-by-using-group-policy.md b/windows/configuration/start/customize-windows-10-start-screens-by-using-group-policy.md
index 25d05349a1..479ea354ba 100644
--- a/windows/configuration/start/customize-windows-10-start-screens-by-using-group-policy.md
+++ b/windows/configuration/start/customize-windows-10-start-screens-by-using-group-policy.md
@@ -2,15 +2,12 @@
 title: Customize Windows 10 Start and taskbar with group policy
 description: In Windows 10, you can use a Group Policy Object (GPO) to deploy a customized Start layout to users in a domain.
 ms.date: 12/31/2017
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 --- 
 
 # Customize Windows 10 Start and taskbar with Group Policy 
 
-
-**Applies to** 
-
-- Windows 10 
-
 >**Looking for consumer information?** See [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) 
 
 In Windows 10 Pro, Enterprise, and Education, you can use a Group Policy Object (GPO) to deploy a customized Start and taskbar layout to users in a domain. No reimaging is required, and the layout can be updated simply by overwriting the .xml file that contains the layout. This enables you to customize Start and taskbar layouts for different departments or organizations, with minimal management overhead. 
diff --git a/windows/configuration/start/customize-windows-10-start-screens-by-using-mobile-device-management.md b/windows/configuration/start/customize-windows-10-start-screens-by-using-mobile-device-management.md
index e108f8027e..6f725859d1 100644
--- a/windows/configuration/start/customize-windows-10-start-screens-by-using-mobile-device-management.md
+++ b/windows/configuration/start/customize-windows-10-start-screens-by-using-mobile-device-management.md
@@ -2,18 +2,13 @@
 title: Change the Windows 10 Start and taskbar using mobile device management | Microsoft Docs
 description: In Windows 10, you can use a mobile device management (MDM) policy to deploy a customized Start and taskbar layout to users. For example, use Microsoft Intune to configure the start menu layout and taskbar, and deploy the policy to your devices.
 ms.topic: article 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 ms.date: 08/05/2021
 --- 
 
 # Customize Windows 10 Start and taskbar with mobile device management (MDM) 
 
-
-**Applies to** 
-
-- Windows 10 
-
-
 >**Looking for consumer information?** [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) 
 
 In Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education, you can use a mobile device management (MDM) policy to deploy a customized Start and taskbar layout to users. No reimaging is required. The layout can be updated simply by overwriting the `.xml` file that contains the layout. This feature enables you to customize Start layouts for different departments or organizations, with minimal management overhead. 
diff --git a/windows/configuration/start/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md b/windows/configuration/start/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
index 670815693d..1067c08488 100644
--- a/windows/configuration/start/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
+++ b/windows/configuration/start/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
@@ -2,17 +2,13 @@
 title: Customize Windows 10 Start and taskbar with provisioning packages
 description: In Windows 10, you can use a provisioning package to deploy a customized Start layout to users.
 ms.topic: article 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 ms.date: 12/31/2017
 --- 
 
 # Customize Windows 10 Start and taskbar with provisioning packages 
 
-
-**Applies to** 
-
-- Windows 10 
-
 > **Looking for consumer information?** [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) 
 
 > [!NOTE]
diff --git a/windows/configuration/start/start-layout-xml-desktop.md b/windows/configuration/start/start-layout-xml-desktop.md
index 5f4e03638d..ffa63d8fb2 100644
--- a/windows/configuration/start/start-layout-xml-desktop.md
+++ b/windows/configuration/start/start-layout-xml-desktop.md
@@ -3,16 +3,13 @@ title: Start layout XML for desktop editions of Windows 10
 description: This article describes the options for customizing Start layout in LayoutModification.xml for Windows 10 desktop editions.
 ms.topic: article
 ms.date: 10/02/2018 
-
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 --- 
 
 # Start layout XML for desktop editions of Windows 10 (reference) 
 
 
-**Applies to** 
-
-- Windows 10 
-
 >**Looking for consumer information?** See [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) 
 
 On Windows 10 for desktop editions, the customized Start works by: 
@@ -379,7 +376,7 @@ The following sample LayoutModification.xml shows how you can configure the Star
   <RequiredStartGroupsCollection>
     <RequiredStartGroups
       Region="DE|ES|FR|GB|IT|US">
-	  <AppendGroup
+      <AppendGroup
         Name="Fabrikam Group 1">
         <start:Tile
           AppUserModelID="Microsoft.Office.Word_8wekyb3d8bbwe!microsoft.word"
@@ -396,7 +393,7 @@ The following sample LayoutModification.xml shows how you can configure the Star
           Size="2x2"
           Row="0"
           Column="4"/>
-      </AppendGroup>	  
+      </AppendGroup>      
 
       <AppendGroup
         Name="Fabrikam Group 2">
@@ -425,18 +422,18 @@ The following sample LayoutModification.xml shows how you can configure the Star
           Size="2x2"
           Row="0"
           Column="0"/>
-		<start:SecondaryTile
+        <start:SecondaryTile
           AppUserModelID="Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge"
           TileID="FabrikamWeblinkTile"
           Arguments="http://www.fabrikam.com"
           DisplayName="Fabrikam"
           Square150x150LogoUri="ms-appx:///Assets/MicrosoftEdgeSquare150x150.png"
           ShowNameOnSquare150x150Logo="true"
-		  BackgroundColor="#FF112233"
-		  Size="2x2"
+          BackgroundColor="#FF112233"
+          Size="2x2"
           Row="0"
           Column="2"/>
-      </AppendGroup>	  
+      </AppendGroup>      
 
     </RequiredStartGroups>
   </RequiredStartGroupsCollection> 
diff --git a/windows/configuration/start/start-secondary-tiles.md b/windows/configuration/start/start-secondary-tiles.md
index ed8870250d..3ed8ef32e6 100644
--- a/windows/configuration/start/start-secondary-tiles.md
+++ b/windows/configuration/start/start-secondary-tiles.md
@@ -1,24 +1,18 @@
 ---
 title: Add image for secondary Microsoft Edge tiles
 description: Add app tiles on Windows 10 that's a secondary tile. 
-
 ms.topic: article 
-
 ms.date: 12/31/2017
 --- 
 
 # Add image for secondary Microsoft Edge tiles  
 
-**Applies to** 
-
-- Windows 10 
-
 App tiles are the Start screen tiles that represent and launch an app. A tile that allows a user to go to a specific location in an app is a *secondary tile*. Some examples of secondary tiles include: 
 
 - Weather updates for a specific city in a weather app
 - A summary of upcoming events in a calendar app
 - Status and updates from an important contact in a social app
-- A website in Microsoft Edge 
+- A website in Microsoft Edge
 
 In a Start layout for Windows 10, version 1703, you can include secondary tiles for Microsoft Edge that display a custom image, rather than a tile with the standard Microsoft Edge logo.  
 
@@ -78,7 +72,7 @@ In Windows 10, version 1703, by using the PowerShell cmdlet `export-StartLayoutE
 
     Use a file name of your choice—for example, StartLayoutMarketing.xml. Include the .xml file name extension. The [Export-StartLayout](/powershell/module/startlayout/export-startlayout) cmdlet doesn't append the file name extension, and the policy settings require the extension. 
 
-3. If you’d like to change the image for a secondary tile to your own custom image, open the layout.xml file, and look for the images that the tile references.
+3. If you'd like to change the image for a secondary tile to your own custom image, open the layout.xml file, and look for the images that the tile references.
    - For example, your layout.xml contains `Square150x150LogoUri="ms-appdata:///local/PinnedTiles/21581260870/hires.png" Wide310x150LogoUri="ms-appx:///"` 
 
    - Open `C:\Users\<username>\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\21581260870\` and replace those images with your customized images. 
diff --git a/windows/configuration/start/supported-csp-start-menu-layout-windows.md b/windows/configuration/start/supported-csp-start-menu-layout-windows.md
index 511d060b9c..bc9da688a6 100644
--- a/windows/configuration/start/supported-csp-start-menu-layout-windows.md
+++ b/windows/configuration/start/supported-csp-start-menu-layout-windows.md
@@ -1,19 +1,14 @@
 ---
 title: Supported CSP policies to customize Start menu on Windows 11 | Microsoft Docs
 description: See a list of the Policy CSP - Start items that are supported on Windows 11 to customize the Start menu.
-ms.reviewer: ericpapa 
-
 ms.date: 12/31/2017
 ms.topic: article
+appliesto:
+- ✅ <a href=/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 --- 
 
 # Supported configuration service provider (CSP) policies for Windows 11 Start menu 
 
-**Applies to**: 
-
-- Windows 11
-- Windows 11, version 22H2 
-
 The Windows OS exposes CSPs that are used by MDM providers, like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune). In an MDM policy, these CSPs are settings that you configure in a policy. When the policy is ready, you deploy the policy to your devices. 
 
 This article lists the CSPs that are available to customize the Start menu for Windows 11 devices. Windows 11 uses the [Policy CSP - Start](/windows/client-management/mdm/policy-csp-start). For more general information, see [Configuration service provider (CSP) reference](/windows/client-management/mdm/configuration-service-provider-reference). 
diff --git a/windows/configuration/start/windows-10-start-layout-options-and-policies.md b/windows/configuration/start/windows-10-start-layout-options-and-policies.md
index c12bd19658..440863ea67 100644
--- a/windows/configuration/start/windows-10-start-layout-options-and-policies.md
+++ b/windows/configuration/start/windows-10-start-layout-options-and-policies.md
@@ -5,13 +5,7 @@ ms.topic: article
 ms.date: 08/05/2021
 --- 
 
-# Customize the Start menu and taskbar layout on Windows 10 and later devices 
-
-**Applies to**: 
-
-- Windows 10 version 1607 and later
-- Windows Server 2016 with Desktop Experience
-- Windows Server 2019 with Desktop Experience 
+# Customize the Start menu and taskbar layout on Windows 10 and later devices
 
 > **Looking for consumer information?** [See what's on the Start menu](https://support.microsoft.com/help/17195/windows-10-see-whats-on-the-menu)
 >
diff --git a/windows/configuration/wcd/wcd-accountmanagement.md b/windows/configuration/wcd/wcd-accountmanagement.md
index ad17ea4b07..097f3cf34e 100644
--- a/windows/configuration/wcd/wcd-accountmanagement.md
+++ b/windows/configuration/wcd/wcd-accountmanagement.md
@@ -1,10 +1,10 @@
 ---
 title: AccountManagement
-description: This section describes the account management settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the account management settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 ms.topic: reference
 
-ms.date: 04/30/2018 
---- 
+ms.date: 04/30/2018
+---
 
 # AccountManagement (Windows Configuration Designer reference)
 
@@ -18,33 +18,33 @@ Use these settings to configure the Account Manager service.
 | [EnableProfileManager](#enableprofilemanager) |  |  | ✅ |  |
 | [ProfileInactivityThreshold](#profileinactivitythreshold) |  |  | ✅ |  |
 | [StorageCapacityStartDeletion](#storagecapacitystartdeletion) |  |  | ✅ |  |
-| [StorageCapacityStopDeletion](#storagecapacitystopdeletion) |  |  | ✅ |  | 
+| [StorageCapacityStopDeletion](#storagecapacitystopdeletion) |  |  | ✅ |  |
 
 >[!NOTE]
->Although the AccountManagement settings are available in advanced provisioning for other editions, you should only use them for HoloLens devices. 
+>Although the AccountManagement settings are available in advanced provisioning for other editions, you should only use them for HoloLens devices.
 
 
-## DeletionPolicy 
+## DeletionPolicy
 
-Use this setting to set a policy for deleting accounts. 
+Use this setting to set a policy for deleting accounts.
 
 - **Delete immediately**: When the account signs out, it will be deleted immediately.
 - **Delete at storage capacity threshold**: Accounts will be deleted when available disk space falls below the threshold you set for **StorageCapacityStartDeletion**. When the available disk space reaches the threshold you set for **StorageCapacityStopDeletion**, the Account Manager will stop deleting accounts.
-- **Delete at storage capacity threshold and profile inactivity threshold**: This setting will apply the same disk space checks as noted above, and will also delete accounts if they have not signed in within the number of days specified by **ProfileInactivityThreshold**. 
+- **Delete at storage capacity threshold and profile inactivity threshold**: This setting will apply the same disk space checks as noted above, and will also delete accounts if they have not signed in within the number of days specified by **ProfileInactivityThreshold**.
 
-## EnableProfileManager 
+## EnableProfileManager
 
-Set as **True** to enable automatic account management. If this is not set to **True**, no automatic account management will occur. 
+Set as **True** to enable automatic account management. If this is not set to **True**, no automatic account management will occur.
 
 
-## ProfileInactivityThreshold 
+## ProfileInactivityThreshold
 
-If you set **DeletionPolicy** as **Delete at storage capacity threshold and profile inactivity threshold**, use this setting to configure the number of days after which an account that has not signed in will be deleted. 
+If you set **DeletionPolicy** as **Delete at storage capacity threshold and profile inactivity threshold**, use this setting to configure the number of days after which an account that has not signed in will be deleted.
 
-## StorageCapacityStartDeletion 
+## StorageCapacityStartDeletion
 
-Enter the percent of total storage available for user profiles. If **DeletionPolicy** is set to **Delete at storage capacity threshold** or **Delete at storage capacity threshold and profile inactivity threshold**, profiles will be deleted when available storage capacity falls below this threshold, until the value that you set for **StorageCapacityStopDeletion** is reached. Profiles that have been inactive the longest will be deleted first. 
+Enter the percent of total storage available for user profiles. If **DeletionPolicy** is set to **Delete at storage capacity threshold** or **Delete at storage capacity threshold and profile inactivity threshold**, profiles will be deleted when available storage capacity falls below this threshold, until the value that you set for **StorageCapacityStopDeletion** is reached. Profiles that have been inactive the longest will be deleted first.
 
-## StorageCapacityStopDeletion 
+## StorageCapacityStopDeletion
 
 Enter the percent of total storage at which to stop deleting profiles. If **DeletionPolicy** is set to **Delete at storage capacity threshold** or **Delete at storage capacity threshold and profile inactivity threshold**, profiles will be deleted when available storage capacity falls below the threshold set for **StorageCapacityStartDeletion**, until the value that you set for **StorageCapacityStopDeletion** is reached. Profiles that have been inactive the longest will be deleted first.
diff --git a/windows/configuration/wcd/wcd-accounts.md b/windows/configuration/wcd/wcd-accounts.md
index 28b6be333d..d8b1b5cc38 100644
--- a/windows/configuration/wcd/wcd-accounts.md
+++ b/windows/configuration/wcd/wcd-accounts.md
@@ -1,39 +1,39 @@
 ---
 title: Accounts
-description: This section describes the account settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the account settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# Accounts (Windows Configuration Designer reference) 
+# Accounts (Windows Configuration Designer reference)
 
-Use these settings to join a device to an Active Directory domain or a Microsoft Entra tenant, or to add local user accounts to the device. 
+Use these settings to join a device to an Active Directory domain or a Microsoft Entra tenant, or to add local user accounts to the device.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
 | [Azure](#azure) | ✅ | ✅ | ✅ |  |
 | [ComputerAccount](#computeraccount) | ✅ | ✅ |   |  ✅ |
-| [Users](#users) | ✅ | ✅ | ✅ |  | 
+| [Users](#users) | ✅ | ✅ | ✅ |  |
 
 
-## Azure 
+## Azure
 
-The **Azure > Authority** and **Azure > BPRT** settings for bulk Microsoft Entra enrollment can only be configured using one of the provisioning wizards. After you get a bulk token for Microsoft Entra enrollment in a wizard, you can switch to the advanced editor to configure more provisioning settings. For information about using the wizards, see: 
+The **Azure > Authority** and **Azure > BPRT** settings for bulk Microsoft Entra enrollment can only be configured using one of the provisioning wizards. After you get a bulk token for Microsoft Entra enrollment in a wizard, you can switch to the advanced editor to configure more provisioning settings. For information about using the wizards, see:
 
 - [Instructions for desktop wizard](../provisioning-packages/provision-pcs-for-initial-deployment.md)
-- [Instructions for the kiosk wizard](../kiosk-single-app.md#wizard) 
+- [Instructions for the kiosk wizard](../kiosk-single-app.md#wizard)
 
-## ComputerAccount 
+## ComputerAccount
 
-Specifies the settings you can configure when joining a device to a domain, including the computer name and the account to use for joining the computer to the domain. 
+Specifies the settings you can configure when joining a device to a domain, including the computer name and the account to use for joining the computer to the domain.
 
 >[!NOTE]
->If you want to create a provisioning package that joins a device to Active Directory AND sets `HideOobe`, and you want to apply that package during OOBE, we also recommend setting the `ComputerName` and creating a local admin account in the provisioning package. 
+>If you want to create a provisioning package that joins a device to Active Directory AND sets `HideOobe`, and you want to apply that package during OOBE, we also recommend setting the `ComputerName` and creating a local admin account in the provisioning package.
 
 | Setting | Value | Description |
 | --- | --- | --- |
@@ -41,11 +41,11 @@ Specifies the settings you can configure when joining a device to a domain, incl
 | AccountOU | Enter the full path for the organizational unit. For example: OU=testOU,DC=domain,DC=Domain,DC=com.  | Name of organizational unit for the computer account  |
 | ComputerName | On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain-joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer's` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit doesn't count the length of the macros, including `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10 version 1709 and earlier releases, use the **ComputerName** setting under **Accounts**. | Specifies the name of the Windows device (computer name on PCs)  |
 | DomainName | String (can't be empty) | Specify the name of the domain that the device will join  |
-| Password | String (can't be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain.  | 
+| Password | String (can't be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain.  |
 
-## Users 
+## Users
 
-Use these settings to add local user accounts to the device. 
+Use these settings to add local user accounts to the device.
 
 | Setting | Value | Description |
 | --- | --- | --- |
diff --git a/windows/configuration/wcd/wcd-admxingestion.md b/windows/configuration/wcd/wcd-admxingestion.md
index 3b42ef6421..40a939c84f 100644
--- a/windows/configuration/wcd/wcd-admxingestion.md
+++ b/windows/configuration/wcd/wcd-admxingestion.md
@@ -1,109 +1,109 @@
 ---
 title: ADMXIngestion
-description: This section describes the ADMXIngestion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the ADMXIngestion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# ADMXIngestion (Windows Configuration Designer reference) 
+# ADMXIngestion (Windows Configuration Designer reference)
 
-Starting in Windows 10, version 1703, you can import (*ingest*) Group Policy administrative templates (ADMX files) and configure values for ADMX-backed policies in a provisioning package. To see which types of ADMX-backed policies can be applied, see [Win32 and Desktop Bridge app policy configuration overview](/windows/client-management/mdm/win32-and-centennial-app-policy-configuration).  
+Starting in Windows 10, version 1703, you can import (*ingest*) Group Policy administrative templates (ADMX files) and configure values for ADMX-backed policies in a provisioning package. To see which types of ADMX-backed policies can be applied, see [Win32 and Desktop Bridge app policy configuration overview](/windows/client-management/mdm/win32-and-centennial-app-policy-configuration).
 
-- The settings under [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) allow you to set values for policies in the imported ADMX file. 
+- The settings under [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) allow you to set values for policies in the imported ADMX file.
 
-- The settings under [ConfigOperations](#configoperations) specify the ADMX file to be imported. 
+- The settings under [ConfigOperations](#configoperations) specify the ADMX file to be imported.
 
 
 >[!IMPORTANT]
->Only device scope policies (class="Machine" or class="Both") can be set using a provisioning package. 
+>Only device scope policies (class="Machine" or class="Both") can be set using a provisioning package.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Enterprise |
 | --- | :---: | :---: | :---: | :---: |
 | [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy)  | ✅ |  |  | ✅ |
-| [ConfigOperations](#configoperations)  | ✅ |  |   | ✅ | 
+| [ConfigOperations](#configoperations)  | ✅ |  |   | ✅ |
 
-## ConfigOperations 
+## ConfigOperations
 
-Use **ConfigOperations** to import ADMX policies from an ADMX file. 
+Use **ConfigOperations** to import ADMX policies from an ADMX file.
 
-1. Enter an app name, and then click **Add**.  
+1. Enter an app name, and then click **Add**.
 
     This can be any name you assign, so choose something descriptive to help you identify its purpose. For example, if you are importing ADMX for Chromium Edge, enter an app name.
-    
 
-    Example, `MSEdgeEfficiencyMode` 
 
-2. Select the app name in the Customizations pane, select a setting type, and then click **Add**.  
+    Example, `MSEdgeEfficiencyMode`
 
-    The choices, **Policy** and **Preference**, have no impact on the behavior of the settings, and are only provided for your convenience should you want to categorize the settings you add. 
+2. Select the app name in the Customizations pane, select a setting type, and then click **Add**.
 
-    
+    The choices, **Policy** and **Preference**, have no impact on the behavior of the settings, and are only provided for your convenience should you want to categorize the settings you add.
 
-3. Select the setting type in the Customizations pane. In the **AdmxFileUid** field, enter the name of the ADMX file or a unique ID for the file, and then click **Add**. 
 
-    The **AdmxFileUid** can be any string, but must be unique in the provisioning package. Using the name of the ADMX file will help you identify the file in the future. 
 
-    
+3. Select the setting type in the Customizations pane. In the **AdmxFileUid** field, enter the name of the ADMX file or a unique ID for the file, and then click **Add**.
 
-    Example, `MSEdgeEfficiencyMode` 
+    The **AdmxFileUid** can be any string, but must be unique in the provisioning package. Using the name of the ADMX file will help you identify the file in the future.
+
+
+
+    Example, `MSEdgeEfficiencyMode`
 
     >[!NOTE]
-    >Keeping the AdmxFileUid and AppName the same will help prevent authorizing errors.  
+    >Keeping the AdmxFileUid and AppName the same will help prevent authorizing errors.
 
-4. Select the AdmxFileUid in the Customizations pane, and paste the contents of the ADMX file in the text field. Before copying the contents of the ADMX file, you must convert it to a single-line. See [Convert multi-line to single line](#convert) for instructions. 
+4. Select the AdmxFileUid in the Customizations pane, and paste the contents of the ADMX file in the text field. Before copying the contents of the ADMX file, you must convert it to a single-line. See [Convert multi-line to single line](#convert) for instructions.
 
     >[!NOTE]
-    >When you have a large ADMX file, you may want to only include specific settings. Instead of pasting in the entire ADMX file, you can paste just one or more specific policies (after converting them to single-line).  
+    >When you have a large ADMX file, you may want to only include specific settings. Instead of pasting in the entire ADMX file, you can paste just one or more specific policies (after converting them to single-line).
+
 
-    
 
     Example, EfficiencyMode
     ```XML
     <policy class="Both" displayName="$(string.EfficiencyMode)" explainText="$(string.EfficiencyMode_Explain)" key="Software\Policies\Microsoft\Edge" name="EfficiencyMode" presentation="$(presentation.EfficiencyMode)">      <parentCategory ref="Performance"/>      <supportedOn ref="SUPPORTED_WIN7_V96"/>      <elements>        <enum id="EfficiencyMode" valueName="EfficiencyMode">          <item displayName="$(string.EfficiencyMode_AlwaysActive)">            <value>              <decimal value="0"/>            </value>          </item>          <item displayName="$(string.EfficiencyMode_NeverActive)">            <value>              <decimal value="1"/>            </value>          </item>          <item displayName="$(string.EfficiencyMode_ActiveWhenUnplugged)">            <value>              <decimal value="2"/>            </value>          </item>          <item displayName="$(string.EfficiencyMode_ActiveWhenUnpluggedBatteryLow)">            <value>              <decimal value="3"/>            </value>          </item>        </enum>      </elements>    </policy>
     ```
-    
-
-5. Repeat for each ADMX, or set of ADMX policies, that you want to add, and then configure [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) for each one. 
-
-<span id="convert"/> 
 
 
-## ConfigADMXInstalledPolicy 
+5. Repeat for each ADMX, or set of ADMX policies, that you want to add, and then configure [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) for each one.
+
+<span id="convert"/>
+
+
+## ConfigADMXInstalledPolicy
 
 >[!IMPORTANT]
->Configure the settings to import the ADMX file in [ConfigOperations](#configoperations) first.  
+>Configure the settings to import the ADMX file in [ConfigOperations](#configoperations) first.
 
-In **ConfigADMXInstalledPolicy**, you provide a policy setting and value for that policy from the imported ADMX. You will need information from the ADMX that you import in **ConfigOperations** to complete **ConfigADMXInstalledPolicy**. 
+In **ConfigADMXInstalledPolicy**, you provide a policy setting and value for that policy from the imported ADMX. You will need information from the ADMX that you import in **ConfigOperations** to complete **ConfigADMXInstalledPolicy**.
 
-1. Enter an area name, and then click **Add**. The structure of the area name is the following: 
+1. Enter an area name, and then click **Add**. The structure of the area name is the following:
 
     `<AppName (from ConfigOperations)>~<SettingType>~<category name from ADMX>`
-    
 
-    See [Category and policy in ADMX](#category-and-policy-in-admx) for more information. A setting may have multiple levels of category names, as in the following example. 
 
-    
+    See [Category and policy in ADMX](#category-and-policy-in-admx) for more information. A setting may have multiple levels of category names, as in the following example.
+
+
 
     Example: `MSEdgeEfficiencyMode~Policy~microsoft_edge~Performance`
-    
-
-2. Select the area name in the Customization pane, enter a policy name from the ADMX, and then click **Add**.  
-
-    Example, `EfficiencyMode`. 
-
-3. Select the policy name in the Customization pane, and then enter a value from the ADMX in the text field.  
-
-    Example, `<enabled/><data id="EfficiencyMode" Value="2">`. 
 
 
-## Category and policy in ADMX 
+2. Select the area name in the Customization pane, enter a policy name from the ADMX, and then click **Add**.
 
-The following samples show the ADMX file for Chromium Edge used in the examples in the procedures above. The first sample highlights the category names. 
+    Example, `EfficiencyMode`.
+
+3. Select the policy name in the Customization pane, and then enter a value from the ADMX in the text field.
+
+    Example, `<enabled/><data id="EfficiencyMode" Value="2">`.
+
+
+## Category and policy in ADMX
+
+The following samples show the ADMX file for Chromium Edge used in the examples in the procedures above. The first sample highlights the category names.
 
 ```XML
   <categories>
@@ -113,9 +113,9 @@ The following samples show the ADMX file for Chromium Edge used in the examples
     </category>
   </categories>
 ```
-<!--![Snippet of ADMX shows category names highlighted.](../images/admx-category.png)--> 
+<!--![Snippet of ADMX shows category names highlighted.](../images/admx-category.png)-->
 
-The next sample highlights the specific policy. 
+The next sample highlights the specific policy.
 
 ```XML
     <policy class="Both" displayName="$(string.EfficiencyMode)" explainText="$(string.EfficiencyMode_Explain)" key="Software\Policies\Microsoft\Edge" name="EfficiencyMode" presentation="$(presentation.EfficiencyMode)">
@@ -147,18 +147,18 @@ The next sample highlights the specific policy.
       </elements>
     </policy>
 ```
-<!--![Snipped of ADMX shows policy setting highlighted.](../images/admx-policy.png)--> 
+<!--![Snipped of ADMX shows policy setting highlighted.](../images/admx-policy.png)-->
 
 
-## Convert multi-line to single line 
+## Convert multi-line to single line
 
-Use the following PowerShell cmdlet to remove carriage returns and line feeds from a multi-line file to create a single-line file that you can paste in **AdmxFileUid**. 
+Use the following PowerShell cmdlet to remove carriage returns and line feeds from a multi-line file to create a single-line file that you can paste in **AdmxFileUid**.
 
 ```PS
 $outputFile = "output.admx"
 $inputFile = "input.admx"
 (Get-Content $inputFile -Raw).Replace("`r`n","") | Set-Content $outputFile -Force
-``` 
+```
 
 ## Configuration Samples
 Example: Edge Efficiency Mode
@@ -200,9 +200,9 @@ Example: Edge Efficiency Mode
     </Customizations>
   </Settings>
 </WindowsCustomizations>
-``` 
+```
 
-## Related topics 
+## Related topics
 
 - [Policy configuration service provider (CSP): ADMX-backed policies](/windows/client-management/mdm/policy-configuration-service-provider)
 - [Understanding ADMX-backed policies](/windows/client-management/mdm/understanding-admx-backed-policies)
diff --git a/windows/configuration/wcd/wcd-assignedaccess.md b/windows/configuration/wcd/wcd-assignedaccess.md
index b40cd910e0..b691f61675 100644
--- a/windows/configuration/wcd/wcd-assignedaccess.md
+++ b/windows/configuration/wcd/wcd-assignedaccess.md
@@ -1,44 +1,44 @@
 ---
 title: AssignedAccess
-description: This section describes the AssignedAccess setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the AssignedAccess setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# AssignedAccess (Windows Configuration Designer reference) 
+# AssignedAccess (Windows Configuration Designer reference)
 
-Use this setting to configure single use (kiosk) devices. 
+Use this setting to configure single use (kiosk) devices.
 
-## Applies to 
+## Applies to
 
 | Setting | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [AssignedAccessSettings](#assignedaccesssettings)  | ✅ |  | ✅ |  |
-| [MultiAppAssignedAccessSettings](#multiappassignedaccesssettings) | ✅ |  | ✅ |  | 
+| [MultiAppAssignedAccessSettings](#multiappassignedaccesssettings) | ✅ |  | ✅ |  |
 
 
-## AssignedAccessSettings 
+## AssignedAccessSettings
 
-Enter the account and the application you want to use for Assigned access, using [the AUMID](../find-the-application-user-model-id-of-an-installed-app.md). When that user account signs in on the device, only the specified app will run.  
+Enter the account and the application you want to use for Assigned access, using [the AUMID](../find-the-application-user-model-id-of-an-installed-app.md). When that user account signs in on the device, only the specified app will run.
 
-**Example**: 
+**Example**:
 
-`{"Account":"domain\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}` 
+`{"Account":"domain\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}`
 
-## MultiAppAssignedAccessSettings 
+## MultiAppAssignedAccessSettings
 
 >[!NOTE]
->MultiAppAssignedAccessSettings is supported on Windows 10, version 1709 only. 
+>MultiAppAssignedAccessSettings is supported on Windows 10, version 1709 only.
 
-Use this setting to configure a kiosk device that runs more than one app. 
+Use this setting to configure a kiosk device that runs more than one app.
 
 1. Create an assigned access configuration XML file for multiple apps [(desktop](../lock-down-windows-10-to-specific-apps.md) or [HoloLens)](/hololens/hololens-provisioning).
 2. In Windows Configuration Designer, select **MultiAppAssignedAccessSettings**.
-3. Browse to and select the assigned access configuration XML file. 
+3. Browse to and select the assigned access configuration XML file.
 
-## Related topics 
+## Related topics
 
 - [AssignedAccess configuration service provider (CSP)](/windows/client-management/mdm/assignedaccess-csp)
diff --git a/windows/configuration/wcd/wcd-browser.md b/windows/configuration/wcd/wcd-browser.md
index e673a885af..ae06fd2c37 100644
--- a/windows/configuration/wcd/wcd-browser.md
+++ b/windows/configuration/wcd/wcd-browser.md
@@ -1,18 +1,18 @@
 ---
 title: Browser
-description: This section describes the Browser settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Browser settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 10/02/2018 
+ms.date: 10/02/2018
 
---- 
+---
 
-# Browser (Windows Configuration Designer reference) 
+# Browser (Windows Configuration Designer reference)
 
-Use to configure browser settings that should only be set by OEMs who are part of the Partner Search Code program. 
+Use to configure browser settings that should only be set by OEMs who are part of the Partner Search Code program.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
@@ -20,79 +20,79 @@ Use to configure browser settings that should only be set by OEMs who are part o
 | [FavoriteBarItems](#favoritebaritems) | ✅ |  |  |  |
 | [Favorites](#favorites) |  |  |  |  |
 | [PartnerSearchCode](#partnersearchcode)  | ✅ | ✅ |  |  |
-| [SearchProviders](#searchproviders) |   |   |  |  | 
+| [SearchProviders](#searchproviders) |   |   |  |  |
 
 
-## AllowPrelaunch 
+## AllowPrelaunch
 
-Use this setting to allow Microsoft Edge to pre-launch during Windows sign-in, when the system is idle, and each time that Microsoft Edge is closed. Pre-launch minimizes the amount of time required to start Microsoft Edge. 
+Use this setting to allow Microsoft Edge to pre-launch during Windows sign-in, when the system is idle, and each time that Microsoft Edge is closed. Pre-launch minimizes the amount of time required to start Microsoft Edge.
 
-Select between **Prevent Pre-launching** and **Allow Pre-launching**. 
+Select between **Prevent Pre-launching** and **Allow Pre-launching**.
 
-## FavoriteBarItems 
+## FavoriteBarItems
 
-Use to add items to the Favorites Bar in Microsoft Edge. 
+Use to add items to the Favorites Bar in Microsoft Edge.
 
 1. Enter a name for the item, and select **Add**. (The name you enter here's only used to distinguish the group of settings, and isn't shown on the device when the settings are applied.)
-2. In **Available customizations**, select the item that you added, and then configure the following settings for that item: 
+2. In **Available customizations**, select the item that you added, and then configure the following settings for that item:
 
 Setting | Description
 --- | ---
 ItemFavIconFile | Enter the path to the icon file, local to the device where the browser will run. The icon file must be added to the device to the specified path.
 ItemName | Enter the name for the item, which will be displayed on the Favorites Bar.
-ItemUrl | Enter the target URL for the item. 
+ItemUrl | Enter the target URL for the item.
 
-## Favorites 
+## Favorites
 
-Use to configure the default list of Favorites that show up in the browser. 
+Use to configure the default list of Favorites that show up in the browser.
 
-To add a new item under the browser's **Favorites** list: 
+To add a new item under the browser's **Favorites** list:
 
-1. In the **Name** field, enter a friendly name for the item, and then click **Add**. 
+1. In the **Name** field, enter a friendly name for the item, and then click **Add**.
 
-2. In the **Available customizations** pane, select the friendly name that you created, and in the text field, enter the URL for the item. 
+2. In the **Available customizations** pane, select the friendly name that you created, and in the text field, enter the URL for the item.
 
-For example, to include the corporate Web site to the list of browser favorites, a company called Contoso can specify **Contoso** as the value for the name and `http://www.contoso.com` for the URL.  
+For example, to include the corporate Web site to the list of browser favorites, a company called Contoso can specify **Contoso** as the value for the name and `http://www.contoso.com` for the URL.
 
 
-## PartnerSearchCode 
+## PartnerSearchCode
 
 >[!IMPORTANT]
->This setting should only be set by OEMs who are part of the Partner Search Code program. 
+>This setting should only be set by OEMs who are part of the Partner Search Code program.
 
-Set the value to a character string that corresponds to the OEM's Partner Search Code. This identification code must match the one assigned to you by Microsoft. 
+Set the value to a character string that corresponds to the OEM's Partner Search Code. This identification code must match the one assigned to you by Microsoft.
 
-OEMs who are part of the program only have one PartnerSearchCode which should be used for all Windows 10 for desktop editions images. 
-
-  
+OEMs who are part of the program only have one PartnerSearchCode which should be used for all Windows 10 for desktop editions images.
 
 
-## SearchProviders 
 
-Contains the settings you can use to configure the default and other search providers. 
 
-### Default 
+## SearchProviders
 
-Use *Default* to specify a name that matches one of the search providers you enter in [SearchProviderList](#searchproviderlist). If you don't specify a default search provider, this search provider will default to Microsoft Bing.  
+Contains the settings you can use to configure the default and other search providers.
 
-#### Specific region guidance 
+### Default
 
-Some countries/regions require specific, default search providers. The following table lists the applicable countries/regions and information for configuring the necessary search provider. 
+Use *Default* to specify a name that matches one of the search providers you enter in [SearchProviderList](#searchproviderlist). If you don't specify a default search provider, this search provider will default to Microsoft Bing.
+
+#### Specific region guidance
+
+Some countries/regions require specific, default search providers. The following table lists the applicable countries/regions and information for configuring the necessary search provider.
 
 >[!NOTE]
->For Russia + Commonwealth of Independent States (CIS), the independent states consist of Russia, Ukraine, Georgia, The Republic of Azerbaijan, Republic Of Belarus, The Republic of Kazakhstan, The Kyrgyz Republic, The Republic of Moldova, The Republic of Tajikistan, The Republic of Armenia, Turkmenistan, The Republic of Uzbekistan, and Türkiye. 
+>For Russia + Commonwealth of Independent States (CIS), the independent states consist of Russia, Ukraine, Georgia, The Republic of Azerbaijan, Republic Of Belarus, The Republic of Kazakhstan, The Kyrgyz Republic, The Republic of Moldova, The Republic of Tajikistan, The Republic of Armenia, Turkmenistan, The Republic of Uzbekistan, and Türkiye.
 
- 
 
-### SearchProviderList 
 
-Use to specify a list of extra search providers. 
+### SearchProviderList
 
-1. In the **Name** field, enter a name for the item, and then click **Add**. 
+Use to specify a list of extra search providers.
 
-2. In the **Available customizations** pane, select the name that you created, and in the text field, enter the URL for the other search provider. 
+1. In the **Name** field, enter a name for the item, and then click **Add**.
 
-For example, to specify Yandex in Russia and Commonwealth of Independent States (CIS), set the value of URL to "https://yandex.ru/search/touch/?text={searchTerm}&clid=2234144". 
+2. In the **Available customizations** pane, select the name that you created, and in the text field, enter the URL for the other search provider.
 
-When configured with multiple search providers, the browser can display up to 10 search providers. 
+For example, to specify Yandex in Russia and Commonwealth of Independent States (CIS), set the value of URL to "https://yandex.ru/search/touch/?text={searchTerm}&clid=2234144".
+
+When configured with multiple search providers, the browser can display up to 10 search providers.
 
diff --git a/windows/configuration/wcd/wcd-cellular.md b/windows/configuration/wcd/wcd-cellular.md
index ad83e02fce..2b7c0cb133 100644
--- a/windows/configuration/wcd/wcd-cellular.md
+++ b/windows/configuration/wcd/wcd-cellular.md
@@ -1,77 +1,77 @@
 ---
 title: Cellular
-description: This section describes the Cellular settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Cellular settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# Cellular (Windows Configuration Designer reference) 
+# Cellular (Windows Configuration Designer reference)
 
-Use to configure settings for cellular connections. 
+Use to configure settings for cellular connections.
 
 >[!IMPORTANT]
->These settings are intended to be used only by manufacturers, mobile operators, and solution providers when configuring devices, and are not intended for use by administrators in the enterprise. 
+>These settings are intended to be used only by manufacturers, mobile operators, and solution providers when configuring devices, and are not intended for use by administrators in the enterprise.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅ |  |  |  | 
+| All settings | ✅ |  |  |  |
 
-## PerDevice 
+## PerDevice
 
-See [SignalBarMappingTable](#signalbarmappingtable) 
+See [SignalBarMappingTable](#signalbarmappingtable)
 
-## PerSimSettings 
+## PerSimSettings
 
-To begin, enter a SIM integrated circuit card identifier (**SimIccid**), and click **Add**. In the **Customizations** pane, select the SimIccid that you just entered and configure the following settings for it. 
+To begin, enter a SIM integrated circuit card identifier (**SimIccid**), and click **Add**. In the **Customizations** pane, select the SimIccid that you just entered and configure the following settings for it.
 
-### AccountExperienceURL 
+### AccountExperienceURL
 
-Enter the URL for the mobile operator's web page. 
+Enter the URL for the mobile operator's web page.
 
-### AppID 
+### AppID
 
-Enter the AppID for the mobile operator's app in Microsoft Store. 
+Enter the AppID for the mobile operator's app in Microsoft Store.
 
-### BrandingIcon 
+### BrandingIcon
 
-Browse to and select an .ico file. 
+Browse to and select an .ico file.
 
-### BrandingIconPath 
+### BrandingIconPath
 
-Enter the destination path for the BrandingIcon .ico file. 
+Enter the destination path for the BrandingIcon .ico file.
 
-### BrandingName 
+### BrandingName
 
-Enter the service provider name for the mobile operator. 
+Enter the service provider name for the mobile operator.
 
-### DataClassMappingTable 
+### DataClassMappingTable
 
-Enter a customized string for the appropriate [data class](/windows/desktop/api/mbnapi/ne-mbnapi-mbn_data_class). 
+Enter a customized string for the appropriate [data class](/windows/desktop/api/mbnapi/ne-mbnapi-mbn_data_class).
 
-### NetworkBlockList 
+### NetworkBlockList
 
-Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC). 
+Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC).
 
 
-### SignalBarMappingTable 
+### SignalBarMappingTable
 
 >[!NOTE]
->SignalBarMappingTable can be configured per device or per sim. 
+>SignalBarMappingTable can be configured per device or per sim.
 
-Use the **SignalBarMappingTable** settings to customize the number of bars displayed based on signal strength. Set a signal strength minimum for each bar number. 
+Use the **SignalBarMappingTable** settings to customize the number of bars displayed based on signal strength. Set a signal strength minimum for each bar number.
 
 1. Expand **SignalBarMappingTable**, select a bar number in **SignalForBars**, and select **Add**.
-2. Select the signal bar number in **Available customizations**, and enter a minimum signal strength value, between 0 and 31. 
+2. Select the signal bar number in **Available customizations**, and enter a minimum signal strength value, between 0 and 31.
 
-### SIMBlockList 
+### SIMBlockList
 
-Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC). 
+Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC).
 
 
-### UseBrandingNameOnRoaming 
+### UseBrandingNameOnRoaming
 
 Select an option for displaying the BrandingName when the device is roaming.
diff --git a/windows/configuration/wcd/wcd-changes.md b/windows/configuration/wcd/wcd-changes.md
index de6a437b18..38430550db 100644
--- a/windows/configuration/wcd/wcd-changes.md
+++ b/windows/configuration/wcd/wcd-changes.md
@@ -1,15 +1,15 @@
 ---
 title: Changes to settings in Windows Configuration Designer
-description: This section describes the changes to settings in Windows Configuration Designer in Windows 10, version 1809. 
+description: This section describes the changes to settings in Windows Configuration Designer in Windows 10, version 1809.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# Changes to settings in Windows Configuration Designer 
+# Changes to settings in Windows Configuration Designer
 
-## Settings added in Windows 10, version 1903 
+## Settings added in Windows 10, version 1903
 
 - [DeviceUpdateCenter](wcd-deviceupdatecenter.md)
 - [Privacy](wcd-privacy.md)
@@ -18,13 +18,13 @@ ms.date: 12/31/2017
 - [OOBE > EnableCortanaVoice](wcd-oobe.md#enablecortanavoice)
 - [Policies > LocalPoliciesSecurityOptions](wcd-policies.md#localpoliciessecurityoptions)
 - [Policies > Power](wcd-policies.md#power)
-- [StorageD3InModernStandby](wcd-storaged3inmodernstandby.md) 
+- [StorageD3InModernStandby](wcd-storaged3inmodernstandby.md)
 
-## Settings removed in Windows 10, version 1903 
+## Settings removed in Windows 10, version 1903
 
-- [WLAN](wcd-wlan.md) 
+- [WLAN](wcd-wlan.md)
 
-## Settings added in Windows 10, version 1809 
+## Settings added in Windows 10, version 1809
 
 
 - [Browser > AllowPrelaunch](wcd-browser.md#allowprelaunch)
@@ -52,7 +52,7 @@ ms.date: 12/31/2017
     - ConfigureOpenMicrosoftEdgeWith
     - ConfigureTelemetryForMicrosoft365
     - FirstRunURL
-    - PreventCertErrorOverrides 
+    - PreventCertErrorOverrides
 
     - PreventTurningOffRequiredExtensions
     - SetHomeButtonURL
@@ -83,13 +83,13 @@ ms.date: 12/31/2017
     - UpdateNotificationLevel
 - [UnifiedWriteFilter > OverlayFlags](wcd-unifiedwritefilter.md#overlayflags)
 - [UnifiedWriteFilter > ResetPersistentState](wcd-unifiedwritefilter.md#resetpersistentstate)
-- [WindowsHelloForBusiness](wcd-windowshelloforbusiness.md) 
+- [WindowsHelloForBusiness](wcd-windowshelloforbusiness.md)
 
 
-## Settings removed in Windows 10, version 1809 
+## Settings removed in Windows 10, version 1809
 
 - [CellCore](wcd-cellcore.md)
 - [Policies > Browser:](wcd-policies.md#browser)
     - AllowBrowser
-    - PreventTabReloading 
+    - PreventTabReloading
 
diff --git a/windows/configuration/wcd/wcd-cleanpc.md b/windows/configuration/wcd/wcd-cleanpc.md
index 0b2468a771..b20a26cd10 100644
--- a/windows/configuration/wcd/wcd-cleanpc.md
+++ b/windows/configuration/wcd/wcd-cleanpc.md
@@ -1,26 +1,26 @@
 ---
 title: CleanPC
-description: This section describes the CleanPC settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the CleanPC settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# CleanPC (Windows Configuration Designer reference) 
+# CleanPC (Windows Configuration Designer reference)
 
-Use to remove user-installed and pre-installed applications, with the option to persist user data. 
+Use to remove user-installed and pre-installed applications, with the option to persist user data.
 
-## Applies to 
+## Applies to
 
 | Settings  | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | CleanPCRetainingUserData | ✅ |  |  |  |
-| CleanPCWithoutRetainingUserData | ✅ |  |  |  | 
+| CleanPCWithoutRetainingUserData | ✅ |  |  |  |
 
-For each setting, the options are **Enable** and **Not configured**.  
+For each setting, the options are **Enable** and **Not configured**.
 
-## Related topics 
+## Related topics
 
 - [CleanPC configuration service provider (CSP)](/windows/client-management/mdm/cleanpc-csp)
diff --git a/windows/configuration/wcd/wcd-connections.md b/windows/configuration/wcd/wcd-connections.md
index aca204c303..fa874d2817 100644
--- a/windows/configuration/wcd/wcd-connections.md
+++ b/windows/configuration/wcd/wcd-connections.md
@@ -1,47 +1,46 @@
 ---
 title: Connections
-description: This section describes the Connections settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Connections settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# Connections (Windows Configuration Designer reference) 
+# Connections (Windows Configuration Designer reference)
 
-Use to configure settings related to various types of phone connections. 
+Use to configure settings related to various types of phone connections.
 
-## Applies to 
+## Applies to
 
 | Setting groups  | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
-
-| All settings  | ✅ | ✅ |  |  | 
+| --- | :---: | :---: | :---: | :---: |
+| All settings  | ✅ | ✅ |  |  |
 
 
 For each setting group:
 1. In **Available customizations**, select the setting group (such as **Cellular**), enter a friendly name for the connection, and then click **Add**.
-2. In **Available customizations**, select the name that you created.  
+2. In **Available customizations**, select the name that you created.
 
-## Cellular 
+## Cellular
 
-See [CM_CellularEntries configuration service provider (CSP)](/windows/client-management/mdm/cm-cellularentries-csp) for settings and values. 
+See [CM_CellularEntries configuration service provider (CSP)](/windows/client-management/mdm/cm-cellularentries-csp) for settings and values.
 
-## EnterpriseAPN 
+## EnterpriseAPN
 
-See [Configure cellular settings for tablets and PCs](../cellular/provisioning-apn.md) and 
+See [Configure cellular settings for tablets and PCs](../cellular/provisioning-apn.md) and
 
-[EnterpriseAPN CSP](/windows/client-management/mdm/enterpriseapn-csp) for settings and values. 
+[EnterpriseAPN CSP](/windows/client-management/mdm/enterpriseapn-csp) for settings and values.
 
-## General 
+## General
 
-Use **General > DataRoam** to set the default value for the **Default roaming options** option in the **Settings > cellular + SIM** area on the device. Select between **DoNotRoam**, **DomesticRoaming**, or **InternationalRoaming**.  
+Use **General > DataRoam** to set the default value for the **Default roaming options** option in the **Settings > cellular + SIM** area on the device. Select between **DoNotRoam**, **DomesticRoaming**, or **InternationalRoaming**.
 
-## Policies 
+## Policies
 
-See [CMPolicy CSP](/windows/client-management/mdm/cmpolicy-csp) for settings and values. 
+See [CMPolicy CSP](/windows/client-management/mdm/cmpolicy-csp) for settings and values.
 
-## Proxies 
+## Proxies
 
 See [CM_ProxyEntries CSP](/windows/client-management/mdm/cm-proxyentries-csp) for settings and values.
diff --git a/windows/configuration/wcd/wcd-countryandregion.md b/windows/configuration/wcd/wcd-countryandregion.md
index d8c52c5547..28494f8e02 100644
--- a/windows/configuration/wcd/wcd-countryandregion.md
+++ b/windows/configuration/wcd/wcd-countryandregion.md
@@ -1,22 +1,22 @@
 ---
 title: CountryAndRegion
-description: This section describes the CountryAndRegion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the CountryAndRegion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# CountryAndRegion (Windows Configuration Designer reference) 
+# CountryAndRegion (Windows Configuration Designer reference)
 
-Use to configure a setting that partners must customize to ship Windows devices to specific countries/regions. 
+Use to configure a setting that partners must customize to ship Windows devices to specific countries/regions.
 
-## Applies to 
+## Applies to
 
 | Setting groups  | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| CountryCodeForExtendedCapabilityPrompts | ✅  | ✅ |  |  | 
+| CountryCodeForExtendedCapabilityPrompts | ✅  | ✅ |  |  |
 
-You can set the **CountryCodeForExtendedCapabilityPrompts** setting for **China** to enable additional capability prompts when apps use privacy-sensitive features (such as Contacts or Microphone). 
+You can set the **CountryCodeForExtendedCapabilityPrompts** setting for **China** to enable additional capability prompts when apps use privacy-sensitive features (such as Contacts or Microphone).
 
diff --git a/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md b/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md
index 5adf2b5c3d..2ebbdf81e3 100644
--- a/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md
+++ b/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md
@@ -1,20 +1,20 @@
 ---
 title: DesktopBackgroundAndColors
-description: This section describes the DesktopBackgrounAndColors settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the DesktopBackgrounAndColors settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/21/2017 
+ms.date: 09/21/2017
 
---- 
+---
 
-# DesktopBackgroundAndColors (Windows Configuration Designer reference) 
+# DesktopBackgroundAndColors (Windows Configuration Designer reference)
 
-Do not use. Instead, use the [Personalization settings](wcd-personalization.md). 
+Do not use. Instead, use the [Personalization settings](wcd-personalization.md).
 
-## Applies to 
+## Applies to
 
 | Setting groups  | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅  |  |  |  | 
+| All settings | ✅  |  |  |  |
 
diff --git a/windows/configuration/wcd/wcd-developersetup.md b/windows/configuration/wcd/wcd-developersetup.md
index d072492984..f779a650ad 100644
--- a/windows/configuration/wcd/wcd-developersetup.md
+++ b/windows/configuration/wcd/wcd-developersetup.md
@@ -1,33 +1,33 @@
 ---
 title: DeveloperSetup
-description: This section describes the DeveloperSetup settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the DeveloperSetup settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# DeveloperSetup (Windows Configuration Designer reference) 
+# DeveloperSetup (Windows Configuration Designer reference)
 
-Use to unlock developer mode on HoloLens devices and configure authentication to Windows Device Portal. 
+Use to unlock developer mode on HoloLens devices and configure authentication to Windows Device Portal.
 
-## Applies to 
+## Applies to
 
 | Setting groups  | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [EnableDeveloperMode](#developersetupsettings-enabledevelopermode) |   |  | ✅ |  |
-| [AuthenticationMode](#windowsdeviceportalsettings-authentication-mode) |   |  | ✅ |  | 
+| [AuthenticationMode](#windowsdeviceportalsettings-authentication-mode) |   |  | ✅ |  |
 
 
-## DeveloperSetupSettings: EnableDeveloperMode 
+## DeveloperSetupSettings: EnableDeveloperMode
 
-When this setting is configured as **True**, the device is unlocked for developer functionality. 
+When this setting is configured as **True**, the device is unlocked for developer functionality.
 
-## WindowsDevicePortalSettings: Authentication Mode 
+## WindowsDevicePortalSettings: Authentication Mode
 
-When AuthenticationMode is set to **Basic Auth**, enter a user name and password to enable the device to connect to and authenticate with the Windows Device Portal. 
+When AuthenticationMode is set to **Basic Auth**, enter a user name and password to enable the device to connect to and authenticate with the Windows Device Portal.
 
-## Related topics 
+## Related topics
 
 - [Device Portal for HoloLens](/windows/uwp/debug-test-perf/device-portal-hololens)
diff --git a/windows/configuration/wcd/wcd-deviceupdatecenter.md b/windows/configuration/wcd/wcd-deviceupdatecenter.md
index f3dcec5a14..3feec57886 100644
--- a/windows/configuration/wcd/wcd-deviceupdatecenter.md
+++ b/windows/configuration/wcd/wcd-deviceupdatecenter.md
@@ -1,19 +1,19 @@
 ---
 title: DeviceUpdateCenter
-description: This section describes the DeviceUpdateCenter settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the DeviceUpdateCenter settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# DeviceUpdateCenter (Windows Configuration Designer reference) 
+# DeviceUpdateCenter (Windows Configuration Designer reference)
 
-Do not use **DeviceUpdateCenter** settings at this time.  
+Do not use **DeviceUpdateCenter** settings at this time.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅  |  |  |  | 
+| All settings | ✅  |  |  |  |
 
diff --git a/windows/configuration/wcd/wcd-dmclient.md b/windows/configuration/wcd/wcd-dmclient.md
index f3ddcf60ee..6f9af456b6 100644
--- a/windows/configuration/wcd/wcd-dmclient.md
+++ b/windows/configuration/wcd/wcd-dmclient.md
@@ -1,25 +1,25 @@
 ---
 title: DMClient
-description: This section describes the DMClient setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the DMClient setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# DMClient (Windows Configuration Designer reference) 
+# DMClient (Windows Configuration Designer reference)
 
-Use to specify enterprise-specific mobile device management configuration setting. 
+Use to specify enterprise-specific mobile device management configuration setting.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| UpdateManagementServiceAddress | ✅  | ✅ |  | ✅ | 
+| UpdateManagementServiceAddress | ✅  | ✅ |  | ✅ |
 
-For the **UpdateManagementServiceAddress** setting, enter a list of servers. The first server in the semi-colon delimited list is the server that will be used to instantiate MDM sessions.  
+For the **UpdateManagementServiceAddress** setting, enter a list of servers. The first server in the semi-colon delimited list is the server that will be used to instantiate MDM sessions.
 
-## Related topics 
+## Related topics
 
 - [DMClient configuration service provider (CSP)](/windows/client-management/mdm/dmclient-csp)
diff --git a/windows/configuration/wcd/wcd-editionupgrade.md b/windows/configuration/wcd/wcd-editionupgrade.md
index 312ea35b4b..81c6ae79d0 100644
--- a/windows/configuration/wcd/wcd-editionupgrade.md
+++ b/windows/configuration/wcd/wcd-editionupgrade.md
@@ -1,44 +1,44 @@
 ---
 title: EditionUpgrade
-description: This section describes the EditionUpgrade settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the EditionUpgrade settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# EditionUpgrade (Windows Configuration Designer reference) 
+# EditionUpgrade (Windows Configuration Designer reference)
 
-Use to upgrade the edition of Windows 10 on the device. [Learn about Windows 10 edition upgrades.](/windows/deployment/upgrade/windows-10-edition-upgrades) 
+Use to upgrade the edition of Windows 10 on the device. [Learn about Windows 10 edition upgrades.](/windows/deployment/upgrade/windows-10-edition-upgrades)
 
-## Applies to 
+## Applies to
 
 | Setting  | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [ChangeProductKey](#changeproductkey) | ✅  |  |  |  |
 | [UpgradeEditionWithLicense](#upgradeeditionwithlicense) | ✅  |  | ✅ |  |
-| [UpgradeEditionWithProductKey](#upgradeeditionwithproductkey) | ✅  |  |  |  | 
+| [UpgradeEditionWithProductKey](#upgradeeditionwithproductkey) | ✅  |  |  |  |
 
 
-## ChangeProductKey 
+## ChangeProductKey
 
-Enter a product key, which will be used to update the existing product key on the device.  
+Enter a product key, which will be used to update the existing product key on the device.
 
-## UpgradeEditionWithLicense 
+## UpgradeEditionWithLicense
 
-Browse to and select a license XML file for the edition upgrade.  
+Browse to and select a license XML file for the edition upgrade.
 
 
-## UpgradeEditionWithProductKey 
+## UpgradeEditionWithProductKey
 
-Enter a product key for an edition upgrade of Windows 10 devices. 
+Enter a product key for an edition upgrade of Windows 10 devices.
 
-If a product key is entered in a provisioning package and the user begins installation of the package, a notification is shown to the user that their system will restart to complete the package installation. Upon explicit consent from the user to proceed, the package continues installation and changepk.exe runs using the product key. The user will receive a reminder notification 30 seconds before the automatic restart. 
+If a product key is entered in a provisioning package and the user begins installation of the package, a notification is shown to the user that their system will restart to complete the package installation. Upon explicit consent from the user to proceed, the package continues installation and changepk.exe runs using the product key. The user will receive a reminder notification 30 seconds before the automatic restart.
 
-After the device restarts, the edition upgrade process completes. The user will receive a notification of the successful upgrade. 
+After the device restarts, the edition upgrade process completes. The user will receive a notification of the successful upgrade.
 
 
-## Related topics 
+## Related topics
 
 - [WindowsLicensing configuration service provider (CSP)](/windows/client-management/mdm/windowslicensing-csp)
diff --git a/windows/configuration/wcd/wcd-firewallconfiguration.md b/windows/configuration/wcd/wcd-firewallconfiguration.md
index e357703c66..9d06cde72b 100644
--- a/windows/configuration/wcd/wcd-firewallconfiguration.md
+++ b/windows/configuration/wcd/wcd-firewallconfiguration.md
@@ -1,25 +1,25 @@
 ---
 title: FirewallConfiguration
-description: This section describes the FirewallConfiguration setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the FirewallConfiguration setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# FirewallConfiguration (Windows Configuration Designer reference) 
+# FirewallConfiguration (Windows Configuration Designer reference)
 
-Use to enable AllJoyn router to work on public networks. 
+Use to enable AllJoyn router to work on public networks.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| EnableAllJoynOnPublicNetwork |   |  |  | ✅ | 
+| EnableAllJoynOnPublicNetwork |   |  |  | ✅ |
 
-Set to **True** or **False**. 
+Set to **True** or **False**.
 
-## Related topics 
+## Related topics
 
 - [AllJoyn - Wikipedia](https://wikipedia.org/wiki/AllJoyn)
diff --git a/windows/configuration/wcd/wcd-firstexperience.md b/windows/configuration/wcd/wcd-firstexperience.md
index 047b010f0a..91d8cf60da 100644
--- a/windows/configuration/wcd/wcd-firstexperience.md
+++ b/windows/configuration/wcd/wcd-firstexperience.md
@@ -1,23 +1,22 @@
 ---
 title: FirstExperience
-description: This section describes the FirstExperience settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the FirstExperience settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 08/08/2018 
+ms.date: 08/08/2018
 
---- 
+---
 
-# FirstExperience (Windows Configuration Designer reference) 
+# FirstExperience (Windows Configuration Designer reference)
 
-Use these settings to configure the out-of-box experience (OOBE) to set up HoloLens. 
+Use these settings to configure the out-of-box experience (OOBE) to set up HoloLens.
 
-## Applies to 
+## Applies to
 
 | Setting | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |   |  | X |  | 
-
+| All settings |   |  | X |  |
 | Setting | Description |
 | --- | --- |
 | PreferredRegion | Enter the [geographical location identifier](/windows/win32/intl/table-of-geographical-locations) for the region. |
diff --git a/windows/configuration/wcd/wcd-folders.md b/windows/configuration/wcd/wcd-folders.md
index 3adc93425b..1dda3beee1 100644
--- a/windows/configuration/wcd/wcd-folders.md
+++ b/windows/configuration/wcd/wcd-folders.md
@@ -1,21 +1,21 @@
 ---
 title: Folders
-description: This section describes the Folders settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Folders settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 04/30/2018 
+ms.date: 04/30/2018
 
---- 
+---
 
-# Folders (Windows Configuration Designer reference) 
+# Folders (Windows Configuration Designer reference)
 
-Use to add files to the device. 
+Use to add files to the device.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| PublicDocuments | ✅  | ✅ |  |  | 
+| PublicDocuments | ✅  | ✅ |  |  |
 
 Browse to and select a file or files that will be included in the provisioning package and added to the public profile documents folder on the target device. You can use the **Relative path to directory on target device** field to create a new folder within the public profile documents folder.
diff --git a/windows/configuration/wcd/wcd-hotspot.md b/windows/configuration/wcd/wcd-hotspot.md
index 1942d8f33e..f4125a5cf9 100644
--- a/windows/configuration/wcd/wcd-hotspot.md
+++ b/windows/configuration/wcd/wcd-hotspot.md
@@ -1,13 +1,13 @@
 ---
 title: HotSpot
-description: This section describes the HotSpot settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the HotSpot settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 12/18/2018 
+ms.date: 12/18/2018
 
---- 
+---
 
-# HotSpot (Windows Configuration Designer reference) 
+# HotSpot (Windows Configuration Designer reference)
 
 Do not use. Enterprise admins who want to configure settings for mobile hotspots should use [Policies > Wifi](wcd-policies.md#wifi). Mobile operators should use the [Country and Operator Settings Asset (COSA) format](/windows-hardware/drivers/mobilebroadband/cosa-overview).
diff --git a/windows/configuration/wcd/wcd-kioskbrowser.md b/windows/configuration/wcd/wcd-kioskbrowser.md
index 935cc90419..0ec08f9957 100644
--- a/windows/configuration/wcd/wcd-kioskbrowser.md
+++ b/windows/configuration/wcd/wcd-kioskbrowser.md
@@ -1,25 +1,25 @@
 ---
 title: KioskBrowser
-description: This section describes the KioskBrowser settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the KioskBrowser settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 10/02/2018 
+ms.date: 10/02/2018
 
---- 
+---
 
-# KioskBrowser (Windows Configuration Designer reference) 
+# KioskBrowser (Windows Configuration Designer reference)
 
-Use KioskBrowser settings to configure Internet sharing. 
+Use KioskBrowser settings to configure Internet sharing.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |  |  |  | ✅ | 
+| All settings |  |  |  | ✅ |
 
 >[!NOTE]
->To configure Kiosk Browser settings for Windows client, go to [Policies > KioskBrowser](wcd-policies.md#kioskbrowser). 
+>To configure Kiosk Browser settings for Windows client, go to [Policies > KioskBrowser](wcd-policies.md#kioskbrowser).
 
 Kiosk Browser settings | Use this setting to
 --- | ---
@@ -28,16 +28,16 @@ Blocked URLs | Specify URLs that people can't navigate to. You can use wildcards
 Default URL | Specify the URL that Kiosk Browser will open with. **Tip!** Make sure your blocked URLs don't include your default URL.
 Enable Home Button | Show a Home button in Kiosk Browser. Home will return the browser to the default URL.
 Enable Navigation Buttons | Show forward and back buttons in Kiosk Browser.
-Restart on Idle Time | Specify when Kiosk Browser should restart in a fresh state after an amount of idle time since the last user interaction. 
+Restart on Idle Time | Specify when Kiosk Browser should restart in a fresh state after an amount of idle time since the last user interaction.
 
 > [!IMPORTANT]
 > To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in Windows Configuration Designer:
-> 
+>
 
 > 1. Create the provisioning package. When ready to export, close the project in Windows Configuration Designer.
-> 2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18). 
+> 2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18).
 
-> 3. Insert the null character string in between each URL (e.g www.bing.com`&#xF000;`www.contoso.com). 
+> 3. Insert the null character string in between each URL (e.g www.bing.com`&#xF000;`www.contoso.com).
 
 > 4. Save the XML file.
 > 5. Open the project again in Windows Configuration Designer.
diff --git a/windows/configuration/wcd/wcd-licensing.md b/windows/configuration/wcd/wcd-licensing.md
index 9ef2f6e278..c1dad05ecb 100644
--- a/windows/configuration/wcd/wcd-licensing.md
+++ b/windows/configuration/wcd/wcd-licensing.md
@@ -1,29 +1,29 @@
 ---
 title: Licensing
-description: This section describes the Licensing settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Licensing settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# Licensing (Windows Configuration Designer reference) 
+# Licensing (Windows Configuration Designer reference)
 
-Use for settings related to Microsoft licensing programs.  
+Use for settings related to Microsoft licensing programs.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [AllowWindowsEntitlementReactivation](#allowwindowsentitlementreactivation) | ✅  |  |  |  |
-| [DisallowKMSClientOnlineAVSValidation](#disallowkmsclientonlineavsvalidation) | ✅  |  |  |  | 
+| [DisallowKMSClientOnlineAVSValidation](#disallowkmsclientonlineavsvalidation) | ✅  |  |  |  |
 
-## AllowWindowsEntitlementReactivation 
+## AllowWindowsEntitlementReactivation
 
-Enable or disable Windows license reactivation. 
+Enable or disable Windows license reactivation.
 
-## DisallowKMSClientOnlineAVSValidation 
+## DisallowKMSClientOnlineAVSValidation
 
-Enable this setting to prevent the device from sending data to Microsoft regarding its activation state. 
+Enable this setting to prevent the device from sending data to Microsoft regarding its activation state.
 
diff --git a/windows/configuration/wcd/wcd-location.md b/windows/configuration/wcd/wcd-location.md
index d9cace80fc..fa397b8cd6 100644
--- a/windows/configuration/wcd/wcd-location.md
+++ b/windows/configuration/wcd/wcd-location.md
@@ -1,23 +1,23 @@
 ---
 title: Location
-description: This section describes the Location settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Location settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# Location (Windows Configuration Designer reference) 
+# Location (Windows Configuration Designer reference)
 
-Use Location settings to configure location services. 
+Use Location settings to configure location services.
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| [EnableLocation](#enablelocation) |  |  |  | ✅ | 
+| [EnableLocation](#enablelocation) |  |  |  | ✅ |
 
-## EnableLocation 
+## EnableLocation
 
 Use this setting to enable or disable location services for the device.
diff --git a/windows/configuration/wcd/wcd-maps.md b/windows/configuration/wcd/wcd-maps.md
index ad5a02649a..657bd0c5c9 100644
--- a/windows/configuration/wcd/wcd-maps.md
+++ b/windows/configuration/wcd/wcd-maps.md
@@ -1,46 +1,46 @@
 ---
 title: Maps
-description: This section describes the Maps settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Maps settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# Maps (Windows Configuration Designer reference) 
+# Maps (Windows Configuration Designer reference)
 
-Use for settings related to Maps.  
+Use for settings related to Maps.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [ChinaVariantWin10](#chinavariantwin10) | ✅  | ✅ |  |  |
 | [UseExternalStorage](#useexternalstorage) | ✅  | ✅ |  |  |
-| [UseSmallerCache](#usesmallercache) | ✅  | ✅ |  |  | 
+| [UseSmallerCache](#usesmallercache) | ✅  | ✅ |  |  |
 
 
-## ChinaVariantWin10 
+## ChinaVariantWin10
 
-Use **ChinaVariantWin10** to specify that the Windows device is intended to ship in China. When set to **True**, maps approved by the State Bureau of Surveying and Mapping in China are used. These maps are obtained from a server located in China. 
+Use **ChinaVariantWin10** to specify that the Windows device is intended to ship in China. When set to **True**, maps approved by the State Bureau of Surveying and Mapping in China are used. These maps are obtained from a server located in China.
 
-This customization may result in different maps, servers, or other configuration changes on the device. 
+This customization may result in different maps, servers, or other configuration changes on the device.
 
 
-## UseExternalStorage 
+## UseExternalStorage
 
-Use to store map data on an SD card. 
+Use to store map data on an SD card.
 
-Map data is used by the Maps application and the map control for third-party applications. This data can be store on an SD card, which provides the advantage of saving internal memory space for user data and allows the user to download more offline map data. Microsoft recommends enabling the **UseExternalStorage** setting on devices that have less than 8 GB of user storage and an SD card slot. 
+Map data is used by the Maps application and the map control for third-party applications. This data can be store on an SD card, which provides the advantage of saving internal memory space for user data and allows the user to download more offline map data. Microsoft recommends enabling the **UseExternalStorage** setting on devices that have less than 8 GB of user storage and an SD card slot.
 
-You can use **UseExternalStorage** whether or not you include an SD card with preloaded map data on the phone. If set to **True**, the OS only allows the user to download offline maps when an SD card is present. If no SD card is present, users can view and cache maps, but they can't download a region of offline maps until an SD card is inserted. 
+You can use **UseExternalStorage** whether or not you include an SD card with preloaded map data on the phone. If set to **True**, the OS only allows the user to download offline maps when an SD card is present. If no SD card is present, users can view and cache maps, but they can't download a region of offline maps until an SD card is inserted.
 
-If set to **False**, map data will always be stored on the internal data partition of the device. 
+If set to **False**, map data will always be stored on the internal data partition of the device.
 
 >[!NOTE]
->SD card performance can affect the quality of the Maps experience when maps are stored on the SD card. When an SD card is used, Microsoft recommends that you test the Maps experience and the speed of map downloads with the specific SD card part that will be used on retail phones to determine if performance is satisfactory. 
+>SD card performance can affect the quality of the Maps experience when maps are stored on the SD card. When an SD card is used, Microsoft recommends that you test the Maps experience and the speed of map downloads with the specific SD card part that will be used on retail phones to determine if performance is satisfactory.
 
-## UseSmallerCache 
+## UseSmallerCache
 
 Don't use this setting.
diff --git a/windows/configuration/wcd/wcd-networkproxy.md b/windows/configuration/wcd/wcd-networkproxy.md
index fc89b588fc..1aa276024c 100644
--- a/windows/configuration/wcd/wcd-networkproxy.md
+++ b/windows/configuration/wcd/wcd-networkproxy.md
@@ -1,49 +1,49 @@
 ---
 title: NetworkProxy
-description: This section describes the NetworkProxy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the NetworkProxy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# NetworkProxy (Windows Configuration Designer reference) 
+# NetworkProxy (Windows Configuration Designer reference)
 
-Use for settings related to NetworkProxy.  
+Use for settings related to NetworkProxy.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |   | ✅ |  |  | 
+| All settings |   | ✅ |  |  |
 
 
-## AutoDetect 
+## AutoDetect
 
-Automatically detect network proxy settings.  
+Automatically detect network proxy settings.
 
 |  Value | Description |
 | --- | --- |
 | 0 | Disabled. Don't automatically detect settings. |
-| 1 | Enabled. Automatically detect settings. | 
+| 1 | Enabled. Automatically detect settings. |
 
-## ProxyServer 
+## ProxyServer
 
-Node for configuring a static proxy for Ethernet and Wi-Fi connections. The same proxy server is used for all protocols - including HTTP, HTTPS, FTP, and SOCKS. These settings don't apply to VPN connections. 
+Node for configuring a static proxy for Ethernet and Wi-Fi connections. The same proxy server is used for all protocols - including HTTP, HTTPS, FTP, and SOCKS. These settings don't apply to VPN connections.
 
 | Setting | Description |
 | --- | --- |
 | ProxyAddress | Address to the proxy server. Specify an address in the format `server:port`. |
 | ProxyExceptions | Addresses that shouldn't use the proxy server. The system won't use the proxy server for addresses that begin with the values specified in this node. Use semicolons (;) to separate entries. |
-| UseProxyForLocalAddresses | Whether the proxy server should be used for local (intranet) addresses.</br></br>- 0 = Disabled. Don't use the proxy server for local addresses.</br>- 1 = Enabled. Use the proxy server for local addresses.  | 
+| UseProxyForLocalAddresses | Whether the proxy server should be used for local (intranet) addresses.</br></br>- 0 = Disabled. Don't use the proxy server for local addresses.</br>- 1 = Enabled. Use the proxy server for local addresses.  |
 
 
-## SetupScriptUrl 
+## SetupScriptUrl
 
-Address to the PAC script you want to use.  
+Address to the PAC script you want to use.
 
 
-## Related topics 
+## Related topics
 
 - [NetworkProxy configuration service provider (CSP)](/windows/client-management/mdm/networkproxy-csp)
diff --git a/windows/configuration/wcd/wcd-networkqospolicy.md b/windows/configuration/wcd/wcd-networkqospolicy.md
index a48a2235cd..4dd7a245eb 100644
--- a/windows/configuration/wcd/wcd-networkqospolicy.md
+++ b/windows/configuration/wcd/wcd-networkqospolicy.md
@@ -1,25 +1,25 @@
 ---
 title: NetworkQoSPolicy
-description: This section describes the NetworkQoSPolicy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the NetworkQoSPolicy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# NetworkQoSPolicy (Windows Configuration Designer reference) 
+# NetworkQoSPolicy (Windows Configuration Designer reference)
 
-Use to create network Quality of Service (QoS) policies. A QoS policy performs a set of actions on network traffic based on a set of matching conditions.  
+Use to create network Quality of Service (QoS) policies. A QoS policy performs a set of actions on network traffic based on a set of matching conditions.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |   | ✅ |  |  | 
+| All settings |   | ✅ |  |  |
 
 1. In **Available customizations**, select **NetworkQoSPolicy**, enter a friendly name for the account, and then click **Add**.
-2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure.  
+2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure.
 
 | Setting | Description |
 | --- | --- |
@@ -28,8 +28,8 @@ Use to create network Quality of Service (QoS) policies. A QoS policy performs a
 | DSCPAction | Enter the differentiated services code point (DSCP) value to apply to match with network traffic. Valid values are 0-63. |
 | IPProtocolMatchCondition | Select between **Both TCP and UDP**, **TCP**, and **UDP** to specify the IP protocol used to match the network traffic.   |
 | PriorityValue8021Action | Specify the IEEE 802.1p value. Valid values are 0 through 7. |
-| SourcePortMatchCondition | Specify a single port or range of ports. Valid values are [first port number]-[last port number], or [port number]. | 
+| SourcePortMatchCondition | Specify a single port or range of ports. Valid values are [first port number]-[last port number], or [port number]. |
 
-## Related topics 
+## Related topics
 
 - [NetworkQoSPolicy configuration service provider (CSP)](/windows/client-management/mdm/networkqospolicy-csp)
diff --git a/windows/configuration/wcd/wcd-personalization.md b/windows/configuration/wcd/wcd-personalization.md
index 1b79a2483d..09be8c2062 100644
--- a/windows/configuration/wcd/wcd-personalization.md
+++ b/windows/configuration/wcd/wcd-personalization.md
@@ -1,42 +1,42 @@
 ---
 title: Personalization
-description: This section describes the Personalization settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Personalization settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# Personalization (Windows Configuration Designer reference) 
+# Personalization (Windows Configuration Designer reference)
 
-Use to configure settings to personalize a PC. 
+Use to configure settings to personalize a PC.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
 | [DeployDesktopImage](#deploydesktopimage) | ✅  |  |  |  |
 | [DeployLockScreenImage](#deploylockscreenimage) | ✅  |  |  |  |
 | [DesktopImageUrl](#desktopimageurl) | ✅  |  |  |  |
-| [LockScreenImageUrl](#lockscreenimageurl) | ✅  |  |  |  | 
+| [LockScreenImageUrl](#lockscreenimageurl) | ✅  |  |  |  |
 
-## DeployDesktopImage 
+## DeployDesktopImage
 
-Deploy a .jpg, .jpeg, or .png image to the device to be used as a desktop image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [DesktopImageUrl](#desktopimageurl). 
+Deploy a .jpg, .jpeg, or .png image to the device to be used as a desktop image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [DesktopImageUrl](#desktopimageurl).
 
-When using **DeployDesktopImage** and [DeployLockScreenImageFile](#deploylockscreenimage, the file names need to be different.  
+When using **DeployDesktopImage** and [DeployLockScreenImageFile](#deploylockscreenimage, the file names need to be different.
 
-## DeployLockScreenImage 
+## DeployLockScreenImage
 
-Deploy a .jpg, .jpeg, or .png image to the device to be used as lock screen image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [LockScreenImageUrl](#lockscreenimageurl). 
+Deploy a .jpg, .jpeg, or .png image to the device to be used as lock screen image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [LockScreenImageUrl](#lockscreenimageurl).
 
-When using [DeployDesktopImage](#deploydesktopimage) and **DeployLockScreenImageFile**, the file names need to be different. 
+When using [DeployDesktopImage](#deploydesktopimage) and **DeployLockScreenImageFile**, the file names need to be different.
 
-## DesktopImageUrl 
+## DesktopImageUrl
 
-Specify a .jpg, .jpeg, or .png image to be used as desktop image. This setting can take an HTTP or HTTPS URL to a remote image to be downloaded or a file URL to a local image. If you have a local file and want to embed it into the package being deployed, you also set [DeployDesktopImage](#deploydesktopimage). 
+Specify a .jpg, .jpeg, or .png image to be used as desktop image. This setting can take an HTTP or HTTPS URL to a remote image to be downloaded or a file URL to a local image. If you have a local file and want to embed it into the package being deployed, you also set [DeployDesktopImage](#deploydesktopimage).
 
-## LockScreenImageUrl 
+## LockScreenImageUrl
 
 Specify a .jpg, .jpeg, or .png image to be used as Lock Screen Image. This setting can take an HTTP or HTTPS URL to a remote image to be downloaded or a file URL to an existing local image. If you have a local file and want to embed it into the package being deployed, you also set [DeployLockScreenImage](#deploylockscreenimage).
diff --git a/windows/configuration/wcd/wcd-policies.md b/windows/configuration/wcd/wcd-policies.md
index b6f47051c5..950caf44f0 100644
--- a/windows/configuration/wcd/wcd-policies.md
+++ b/windows/configuration/wcd/wcd-policies.md
@@ -1,81 +1,77 @@
 ---
 title: Policies
-description: This section describes the Policies settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Policies settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# Policies (Windows Configuration Designer reference) 
+# Policies (Windows Configuration Designer reference)
 
-This section describes the **Policies** settings that you can configure in [provisioning packages](../provisioning-packages/provisioning-packages.md) for Windows 10 using Windows Configuration Designer. Each setting below links to its supported values, as documented in the [Policy configuration service provider (CSP)](/windows/client-management/mdm/policy-configuration-service-provider).   
+This section describes the **Policies** settings that you can configure in [provisioning packages](../provisioning-packages/provisioning-packages.md) for Windows 10 using Windows Configuration Designer. Each setting below links to its supported values, as documented in the [Policy configuration service provider (CSP)](/windows/client-management/mdm/policy-configuration-service-provider).
 
-## AboveLock 
+## AboveLock
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
 | [AllowActionCenterNotifications](/windows/client-management/mdm/policy-configuration-service-provider#abovelock-allowactioncenternotifications)  | Allow Action Center notifications above the device lock screen. |  |   |  |  |
-| [AllowToasts](/windows/client-management/mdm/policy-configuration-service-provider#abovelock-allowtoasts)  | Allow toast notifications above the device lock screen.  | ✅  |   |   |  | 
+| [AllowToasts](/windows/client-management/mdm/policy-configuration-service-provider#abovelock-allowtoasts)  | Allow toast notifications above the device lock screen.  | ✅  |   |   |  |
 
-## Accounts 
+## Accounts
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowAddingNonMicrosoftAccountManually](/windows/client-management/mdm/policy-configuration-service-provider#accounts-allowaddingnonmicrosoftaccountsmanually) | Whether users can add non-Microsoft email accounts  | ✅ |   |  |  |
 | [AllowMicrosoftAccountConnection](/windows/client-management/mdm/policy-configuration-service-provider#accounts-allowmicrosoftaccountconnection) | Whether users can use a Microsoft account for non-email-related connection authentication and services  | ✅ |   | ✅ |  |
 | [AllowMicrosoftAccountSigninAssistant](/windows/client-management/mdm/policy-configuration-service-provider#accounts-allowmicrosoftaccountsigninassistant) | Disable the **Microsoft Account Sign-In Assistant** (wlidsvc) NT service | ✅ |  |  |  |
-| [DomainNamesForEmailSync](/windows/client-management/mdm/policy-configuration-service-provider#accounts-domainnamesforemailsync) | List of domains that are allowed to sync email on the devices | ✅ |  |  |  | 
+| [DomainNamesForEmailSync](/windows/client-management/mdm/policy-configuration-service-provider#accounts-domainnamesforemailsync) | List of domains that are allowed to sync email on the devices | ✅ |  |  |  |
 
 
-## ApplicationDefaults 
+## ApplicationDefaults
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
-| [DefaultAssociationsConfiguration](/windows/client-management/mdm/policy-configuration-service-provider#applicationdefaults-defaultassociationsconfiguration) | Set default file type and protocol associations  | ✅ |  |  |  | 
+| --- | --- | :---: | :---: | :---: | :---: |
+| [DefaultAssociationsConfiguration](/windows/client-management/mdm/policy-configuration-service-provider#applicationdefaults-defaultassociationsconfiguration) | Set default file type and protocol associations  | ✅ |  |  |  |
 
 
-## ApplicationManagement 
+## ApplicationManagement
 
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowAllTrustedApps](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowalltrustedapps) | Whether non-Microsoft Store apps are allowed | ✅ |   |  | ✅ |
 | [AllowAppStoreAutoUpdate](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowappstoreautoupdate)  | Whether automatic update of apps from Microsoft Store is allowed  | ✅  |   |   | ✅ |
 | [AllowDeveloperUnlock](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowdeveloperunlock)  | Whether developer unlock of device is allowed  | ✅  | ✅  | ✅  | ✅ |
-| [AllowGameDVR](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr)  |Whether DVR and broadcasting are allowed   | ✅  |  |   |   |  
-
+| [AllowGameDVR](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr)  |Whether DVR and broadcasting are allowed   | ✅  |  |   |   |
 | [AllowSharedUserAppData](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowshareduserappdata)  | Whether multiple users of the same app can share data  | ✅  |   |   |  |
 | [AllowStore](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-allowstore)  | Whether app store is allowed at device  |   |    |   |  |
 | [ApplicationRestrictions](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions)  | An XML blob that specifies app restrictions, such as an allowlist, disallow list, etc.  |   |   |  |  |
 | [LaunchAppAfterLogOn](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-launchappafterlogon)  |Whether to launch an app or apps when the user signs in.   | ✅  |   |   |  |
 | [RestrictAppDataToSystemVolume](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-restrictappdatatosystemvolume)  | Whether app data is restricted to the system drive  | ✅  |   |   | ✅ |
-| [RestrictAppToSystemVolume](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume)  | Whether the installation of apps is restricted to the system drive   | ✅  |   |   | ✅ | 
-
- 
+| [RestrictAppToSystemVolume](/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume)  | Whether the installation of apps is restricted to the system drive   | ✅  |   |   | ✅ |
 
 
-## Authentication 
+
+
+## Authentication
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
 | [AllowFastReconnect](/windows/client-management/mdm/policy-csp-authentication#authentication-allowfastreconnect) | Allows EAP Fast Reconnect from being attempted for EAP Method TLS. | ✅ | ✅ | ✅ | ✅ |
 | [EnableFastFirstSignin](/windows/client-management/mdm/policy-csp-authentication#authentication-enablefastfirstsignin) | Enables a quick first sign-in experience for a user by automatically connecting new non-admin Azure AD accounts to the pre-configured candidate local accounts. | ✅ | ✅ |  | ✅ |
 | [EnableWebSignin](/windows/client-management/mdm/policy-csp-authentication#authentication-enablewebsignin) | Enables Windows sign-in support for non-ADFS federated providers (for example, SAML). | ✅ |  ✅ |  | ✅ |
-| [PreferredAadTenantDomainName](/windows/client-management/mdm/policy-csp-authentication#authentication-preferredaadtenantdomainname) | Specifies the preferred domain among available domains in the Azure AD tenant. | ✅ |  ✅ |  | ✅ | 
+| [PreferredAadTenantDomainName](/windows/client-management/mdm/policy-csp-authentication#authentication-preferredaadtenantdomainname) | Specifies the preferred domain among available domains in the Azure AD tenant. | ✅ |  ✅ |  | ✅ |
 
 
-## BitLocker 
+## BitLocker
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
-| [EncryptionMethod](/windows/client-management/mdm/policy-configuration-service-provider#bitlocker-encryptionmethod)  | Specify BitLocker drive encryption method and cipher strength | ✅ |  |  |  | 
+| [EncryptionMethod](/windows/client-management/mdm/policy-configuration-service-provider#bitlocker-encryptionmethod)  | Specify BitLocker drive encryption method and cipher strength | ✅ |  |  |  |
 
 
-## Bluetooth 
+## Bluetooth
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -84,9 +80,9 @@ This section describes the **Policies** settings that you can configure in [prov
 | [AllowPrepairing](/windows/client-management/mdm/policy-configuration-service-provider#bluetooth-allowprepairing)  | Whether to allow specific bundled Bluetooth peripherals to automatically pair with the host device  | ✅  | ✅ | ✅ | ✅ |
 | AllowPromptedProximalConnections | Whether Windows will prompt users when Bluetooth devices that are connectable are in range of the user's device  | ✅  |  ✅ | ✅ | ✅ |
 | [LocalDeviceName](/windows/client-management/mdm/policy-configuration-service-provider#bluetooth-localdevicename)  | Set the local Bluetooth device name  | ✅  |  ✅ | ✅ | ✅ |
-| [ServicesAllowedList](/windows/client-management/mdm/policy-configuration-service-provider#bluetooth-servicesallowedlist)  | Set a list of allowable services and profiles  | ✅  |  ✅  | ✅  | ✅ | 
+| [ServicesAllowedList](/windows/client-management/mdm/policy-configuration-service-provider#bluetooth-servicesallowedlist)  | Set a list of allowable services and profiles  | ✅  |  ✅  | ✅  | ✅ |
 
-## Browser 
+## Browser
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -147,18 +143,17 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [ShowMessageWhenOpeningSitesInInternetExplorer](/windows/client-management/mdm/policy-configuration-service-provider#browser-showmessagewhenopeningsitesininternetexplorer) | Specify whether users should see a full interstitial page in Microsoft Edge when opening sites that are configured to open in Internet Explorer using the Enterprise Site list. | ✅ |   |  |  |
 | [SyncFavoritesBetweenIEAndMicrosoftEdge](/windows/client-management/mdm/policy-configuration-service-provider#browser-syncfavoritesbetweenieandmicrosoftedge)  | Specify whether favorites are kept in sync between Internet Explorer and Microsoft Edge.  | ✅  |    |   |  |
 | [UnlockHomeButton](/windows/client-management/mdm/policy-csp-browser#browser-unlockhomebutton)  | Specify whether users can make changes to the Home button.  | ✅  |    |   |  |
-[UseSharedFolderForBooks](/windows/client-management/mdm/policy-csp-browser#browser-usesharedfolderforbooks) | Specify whether organizations should use a folder shared across users to store books from the Books Library. | ✅  |   |   |  | 
+[UseSharedFolderForBooks](/windows/client-management/mdm/policy-csp-browser#browser-usesharedfolderforbooks) | Specify whether organizations should use a folder shared across users to store books from the Books Library. | ✅  |   |   |  |
 
 
-## Camera 
+## Camera
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
-| [AllowCamera](/windows/client-management/mdm/policy-configuration-service-provider#camera-allowcamera) | Disable or enable the camera. | ✅ |  ✅ |  |  | 
+| --- | --- | :---: | :---: | :---: | :---: |
+| [AllowCamera](/windows/client-management/mdm/policy-configuration-service-provider#camera-allowcamera) | Disable or enable the camera. | ✅ |  ✅ |  |  |
 
 
-## Connectivity 
+## Connectivity
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -171,23 +166,22 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [AllowVPNOverCellular](/windows/client-management/mdm/policy-configuration-service-provider#connectivity-allowvpnovercellular) | Specify what type of underlying connections VPN is allowed to use. |✅ |  ✅ |  | ✅ |
 | [AllowVPNRoamingOverCellular](/windows/client-management/mdm/policy-configuration-service-provider#connectivity-allowvpnroamingovercellular) | Prevent the device from connecting to VPN when the device roams over cellular networks. | ✅ | ✅ |  | ✅ |
 | HideCellularConnectionMode | Hide the checkbox that lets the user change the connection mode. | ✅ | ✅ |  | ✅ |
-| HideCellularRoamingOption | Hide the dropdown menu that lets the user change the roaming preferences.  | ✅ |  ✅ |  | ✅ | 
+| HideCellularRoamingOption | Hide the dropdown menu that lets the user change the roaming preferences.  | ✅ |  ✅ |  | ✅ |
 
-## CredentialProviders 
+## CredentialProviders
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
-[DisableAutomaticReDeploymentCredentials](/windows/client-management/mdm/policy-csp-credentialproviders) | This setting disables the visibility of the credential provider that triggers the PC refresh on a device. This policy doesn't actually trigger the refresh. The admin user is required to authenticate to trigger the refresh on the target device. The Windows 10 Autopilot Reset feature allows admin to reset devices to a known good managed state while preserving the management enrollment. After the automatic redeployment is triggered, the devices are for ready for use by information workers or students. | ✅ |  |  |  | 
+[DisableAutomaticReDeploymentCredentials](/windows/client-management/mdm/policy-csp-credentialproviders) | This setting disables the visibility of the credential provider that triggers the PC refresh on a device. This policy doesn't actually trigger the refresh. The admin user is required to authenticate to trigger the refresh on the target device. The Windows 10 Autopilot Reset feature allows admin to reset devices to a known good managed state while preserving the management enrollment. After the automatic redeployment is triggered, the devices are for ready for use by information workers or students. | ✅ |  |  |  |
 
-## Cryptography 
+## Cryptography
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowFipsAlgorithmPolicy](/windows/client-management/mdm/policy-configuration-service-provider#cryptography-allowfipsalgorithmpolicy) | Allow or disallow the Federal Information Processing Standard (FIPS) policy. | ✅ |   |  |  |
-| [TLSCiperSuites](/windows/client-management/mdm/policy-configuration-service-provider#cryptography-tlsciphersuites)  | List the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win.  | ✅  |   |   |  | 
+| [TLSCiperSuites](/windows/client-management/mdm/policy-configuration-service-provider#cryptography-tlsciphersuites)  | List the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win.  | ✅  |   |   |  |
 
-## Defender 
+## Defender
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -216,9 +210,9 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [ScheduleScanTime](/windows/client-management/mdm/policy-configuration-service-provider#defender-schedulescantime)  | Select the time of day that the Windows Defender scan should run.  |  ✅ |   |   |  |
 | [SignatureUpdateInterval](/windows/client-management/mdm/policy-configuration-service-provider#defender-signatureupdateinterval) | Specify the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. | ✅ |  |  |  |
 | [SubmitSamplesConsent](/windows/client-management/mdm/policy-configuration-service-provider#defender-submitsamplesconsent) | Checks for the user consent level in Windows Defender to send data. | ✅ |  |  |  |
-| [ThreatSeverityDefaultAction](/windows/client-management/mdm/policy-configuration-service-provider#defender-threatseveritydefaultaction)  | Specify any valid threat severity levels and the corresponding default action ID to take.  |  ✅ |   |   |  | 
+| [ThreatSeverityDefaultAction](/windows/client-management/mdm/policy-configuration-service-provider#defender-threatseveritydefaultaction)  | Specify any valid threat severity levels and the corresponding default action ID to take.  |  ✅ |   |   |  |
 
-## DeliveryOptimization 
+## DeliveryOptimization
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -245,19 +239,18 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [DOPercentageMaxForeDownloadBandwidth](/windows/client-management/mdm/policy-configuration-service-provider#deliveryoptimization-dopercentagemaxforegroundbandwidth) | Specify the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. | ✅ |  |  |  |
 | [DORestrictPeerSelectionBy](/windows/client-management/mdm/policy-configuration-service-provider#deliveryoptimization-dorestrictpeerselectionby) | Set this policy to restrict peer selection by the selected option. | ✅ |  |  |  |
 | [DOSetHoursToLimitBackgroundDownloadBandwidth](/windows/client-management/mdm/policy-configuration-service-provider#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) | Specify the maximum background download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.  | ✅ |  |  |  |
-| [DOSetHoursToLimitForegroundDownloadBandwidth](/windows/client-management/mdm/policy-configuration-service-provider#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) | Specify the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth. | ✅ |  |  |  | 
+| [DOSetHoursToLimitForegroundDownloadBandwidth](/windows/client-management/mdm/policy-configuration-service-provider#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) | Specify the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth. | ✅ |  |  |  |
 
-## DeviceGuard 
+## DeviceGuard
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
-[EnableVirtualizationBasedSecurity](/windows/client-management/mdm/policy-csp-deviceguard) | Turns on virtualization based security(VBS) at the next reboot. virtualization based security uses the Windows Hypervisor to provide support for security services.  | ✅ |  |  |  | 
+[EnableVirtualizationBasedSecurity](/windows/client-management/mdm/policy-csp-deviceguard) | Turns on virtualization based security(VBS) at the next reboot. virtualization based security uses the Windows Hypervisor to provide support for security services.  | ✅ |  |  |  |
 
-## DeviceLock 
+## DeviceLock
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowIdleReturnWithoutPassword](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-allowidlereturnwithoutpassword) | Specify whether the user must input a PIN or password when the device resumes from an idle state. |  |   |  |  |
 | [AllowScreenTimeoutWhileLockedUserConfig](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-allowscreentimeoutwhilelockeduserconfig) | Specify whether to show a user-configurable setting to control the screen timeout while on the lock screen. |  |   |  |  |
 | [AllowSimpleDevicePassword](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-allowsimpledevicepassword) | Specify whether PINs or passwords such as "1111" or "1234" are allowed. For the desktop, it also controls the use of picture passwords. | ✅ |  | ✅ |  |
@@ -269,18 +262,18 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [MaxInactivityTimeDeviceLock](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-maxinactivitytimedevicelock) |Specify the maximum amount of time (in minutes) allowed after the device is idle that will cause the device to become PIN or password locked.  | ✅ |   | ✅ |  |
 | [MinDevicePasswordComplexCharacters](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-mindevicepasswordcomplexcharacters) | Specify the number of complex element types (uppercase and lowercase letters, numbers, and punctuation) required for a strong PIN or password. | ✅ |   | ✅ |  |
 | [MinDevicePasswordLength](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-mindevicepasswordlength) | Specify the minimum number or characters required in the PIN or password. | ✅ |   | ✅ |  |
-| [ScreenTimeoutWhileLocked](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-screentimeoutwhilelocked) | Specify the duration in seconds for the screen timeout while on the lock screen. |  |   |  |  | 
+| [ScreenTimeoutWhileLocked](/windows/client-management/mdm/policy-configuration-service-provider#devicelock-screentimeoutwhilelocked) | Specify the duration in seconds for the screen timeout while on the lock screen. |  |   |  |  |
 
 
-## DeviceManagement 
+## DeviceManagement
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
-| DisableMDMEnrollment | Use this setting to prevent the device from enrolling in MDM. | ✅ |   |  |  | 
+| DisableMDMEnrollment | Use this setting to prevent the device from enrolling in MDM. | ✅ |   |  |  |
 
- 
 
-## Experience 
+
+## Experience
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -301,68 +294,65 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [AllowWindowsSpotlightOnActionCenter](/windows/client-management/mdm/policy-configuration-service-provider#experience-allowwindowsspotlightonactioncenter) | Prevent Windows Spotlight notifications from being displayed in the Action Center. | ✅ | |  |  |
 | [AllowWindowsSpotlightWindowsWelcomeExperience](/windows/client-management/mdm/policy-configuration-service-provider#experience-allowwindowsspotlightwindowswelcomeexperience) | Turn off the Windows Spotlight Windows welcome experience feature. | ✅ |  |  |  |
 | [AllowWindowsTips](/windows/client-management/mdm/policy-configuration-service-provider#experience-allowwindowstips) | Enable or disable Windows Tips. | ✅ |  |  |  |
-| [ConfigureWindowsSpotlightOnLockScreen](/windows/client-management/mdm/policy-configuration-service-provider#experience-configurewindowsspotlightonlockscreen) | Specify whether Spotlight should be used on the user's lock screen. | ✅ |  |  |  | 
+| [ConfigureWindowsSpotlightOnLockScreen](/windows/client-management/mdm/policy-configuration-service-provider#experience-configurewindowsspotlightonlockscreen) | Specify whether Spotlight should be used on the user's lock screen. | ✅ |  |  |  |
 
-## ExploitGuard 
+## ExploitGuard
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
-| [ExploitProtectionSettings](/windows/client-management/mdm/policy-csp-exploitguard) | See the [explanation of ExploitProtectionSettings](/windows/client-management/mdm/policy-csp-exploitguard) in the Policy CSP for instructions. In the **ExploitProtectionSettings** field, you can enter a path (local, UNC, or URI) to the mitigation options config, or you can enter the XML for the config. | ✅ |   |  |  | 
+| --- | --- | :---: | :---: | :---: | :---: |
+| [ExploitProtectionSettings](/windows/client-management/mdm/policy-csp-exploitguard) | See the [explanation of ExploitProtectionSettings](/windows/client-management/mdm/policy-csp-exploitguard) in the Policy CSP for instructions. In the **ExploitProtectionSettings** field, you can enter a path (local, UNC, or URI) to the mitigation options config, or you can enter the XML for the config. | ✅ |   |  |  |
 
 
-## Games 
+## Games
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
-| [AllowAdvancedGamingServices](/windows/client-management/mdm/policy-configuration-service-provider#games-allowadvancedgamingservices) | Currently not supported. | ✅ |  |  |  | 
+| [AllowAdvancedGamingServices](/windows/client-management/mdm/policy-configuration-service-provider#games-allowadvancedgamingservices) | Currently not supported. | ✅ |  |  |  |
 
 
-## KioskBrowser 
+## KioskBrowser
 
-These settings apply to the **Kiosk Browser** app available in Microsoft Store. For more information, see [Guidelines for web browsers](../guidelines-for-assigned-access-app.md#guidelines-for-web-browsers). 
+These settings apply to the **Kiosk Browser** app available in Microsoft Store. For more information, see [Guidelines for web browsers](../guidelines-for-assigned-access-app.md#guidelines-for-web-browsers).
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 |[BlockedUrlExceptions](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-blockedurlexceptions) | List of exceptions to the blocked website URLs (with wildcard support). This setting is used to configure URLs kiosk browsers are allowed to navigate to, which are a subset of the blocked URLs. | ✅ |  |  |  |
 |[BlockedUrls](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-blockedurls) | List of blocked website URLs (with wildcard support). This setting is used to configure blocked URLs kiosk browsers can't navigate to. | ✅ |  |  |  |
 |[DefaultURL](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-defaulturl) | Configures the default URL kiosk browsers to navigate on launch and restart.  | ✅ |  |  |  |
 |[EnableEndSessionButton](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-enableendsessionbutton) | Enable/disable kiosk browser's end session button.  | ✅ |  |  |  |
 |[EnableHomeButton](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-enablehomebutton) | Enable/disable kiosk browser's home button.  | ✅ |  |  |  |
 |[EnableNavigationButtons](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-enablenavigationbuttons) | Enable/disable kiosk browser's navigation buttons (forward/back). | ✅ |  |  |  |
-|[RestartOnIdleTime](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-restartonidletime) | Amount of time in minutes the session is idle until the kiosk browser restarts in a fresh state.  The value is an int 1-1440 that specifies the number of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty, which means there's no idle timeout within the kiosk browser. | ✅ |  |  |  | 
+|[RestartOnIdleTime](/windows/client-management/mdm/policy-csp-kioskbrowser#kioskbrowser-restartonidletime) | Amount of time in minutes the session is idle until the kiosk browser restarts in a fresh state.  The value is an int 1-1440 that specifies the number of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty, which means there's no idle timeout within the kiosk browser. | ✅ |  |  |  |
 
-To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in Windows Configuration Designer: 
+To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in Windows Configuration Designer:
 
 1. Create the provisioning package. When ready to export, close the project in Windows Configuration Designer.
-2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18). 
+2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18).
 
-3. Insert the null character string in between each URL (e.g www.bing.com&#xF000;www.contoso.com). 
+3. Insert the null character string in between each URL (e.g www.bing.com&#xF000;www.contoso.com).
 
 4. Save the XML file.
 5. Open the project again in Windows Configuration Designer.
-6. Export the package. Ensure you don't revisit the created policies under Kiosk Browser or else the null character will be removed. 
+6. Export the package. Ensure you don't revisit the created policies under Kiosk Browser or else the null character will be removed.
 
-## LocalPoliciesSecurityOptions 
+## LocalPoliciesSecurityOptions
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
 | [InteractiveLogon_DoNotDisplayLastSignedIn](/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions#localpoliciessecurityoptions-interactivelogon-donotdisplaylastsignedin) | Specify whether the Windows sign-in screen will show the username of the last person who signed in. | ✅ |  |  |  |
 | [Shutdown_AllowSystemtobeShutDownWithoutHavingToLogOn](/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions#localpoliciessecurityoptions-shutdown-allowsystemtobeshutdownwithouthavingtologon) | Specify whether a computer can be shut down without signing in. | ✅ |   |  |  |
-| [UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers](/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions#localpoliciessecurityoptions-useraccountcontrol-behavioroftheelevationpromptforstandardusers) | Configure how an elevation prompt should behave for standard users. | ✅ |  |  |  | 
+| [UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers](/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions#localpoliciessecurityoptions-useraccountcontrol-behavioroftheelevationpromptforstandardusers) | Configure how an elevation prompt should behave for standard users. | ✅ |  |  |  |
 
-## Location 
+## Location
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
-| [EnableLocation](/windows/client-management/mdm/policy-configuration-service-provider#location-enablelocation) | Don't use. |  |  |  |  | 
+| [EnableLocation](/windows/client-management/mdm/policy-configuration-service-provider#location-enablelocation) | Don't use. |  |  |  |  |
 
-## Power 
+## Power
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowStandbyStatesWhenSleepingOnBattery](/windows/client-management/mdm/policy-csp-power#allowstandbystateswhensleepingonbattery) | Specify whether Windows can use standby states when putting the computer in a sleep state while on battery. | ✅ |  |  |  |
 | [AllowStandbyWhenSleepingPluggedIn](/windows/client-management/mdm/policy-csp-power#allowstandbystateswhensleepingpluggedin) | Specify whether Windows can use standby states when putting the computer in a sleep state while plugged in. | ✅ |  |  |  |
 | [DisplayOffTimeoutOnBattery](/windows/client-management/mdm/policy-csp-power#displayofftimeoutonbattery) | Specify the period of inactivity before Windows turns off the display while on battery. | ✅ |  |  |  |
@@ -384,20 +374,20 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [TurnOffHybridSleepOnBattery](/windows/client-management/mdm/policy-csp-power#turnoffhybridsleeponbattery) | Turn off hybrid sleep while on battery. | ✅ |   |  |  |
 | [TurnOffHybridSleepPluggedIn](/windows/client-management/mdm/policy-csp-power#turnoffhybridsleeppluggedin) | Turn off hybrid sleep while plugged in. | ✅ |  |  |  |
 | [UnattendedSleepTimeoutOnBattery](/windows/client-management/mdm/policy-csp-power#unattendedsleeptimeoutonbattery) | Specify the period of inactivity before Windows transitions the system to sleep automatically when a user isn't present while on battery. | ✅ |  |  |  |
-| [UnattendedSleepTimeoutPluggedIn](/windows/client-management/mdm/policy-csp-power#unattendedsleeptimeoutpluggedin) | Specify the period of inactivity before Windows transitions the system to sleep automatically when a user isn't present while plugged in.  | ✅ |  |  |  | 
+| [UnattendedSleepTimeoutPluggedIn](/windows/client-management/mdm/policy-csp-power#unattendedsleeptimeoutpluggedin) | Specify the period of inactivity before Windows transitions the system to sleep automatically when a user isn't present while plugged in.  | ✅ |  |  |  |
 
-## Privacy 
+## Privacy
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
 | [AllowAutoAcceptPairingAndPrivacyConsentPrompts](/windows/client-management/mdm/policy-configuration-service-provider#privacy-allowautoacceptpairingandprivacyconsentprompts) | Allow or disallow the automatic acceptance of the pairing and privacy user consent dialog boxes when launching apps. |  |   |  |  |
-| [AllowInputPersonalization](/windows/client-management/mdm/policy-configuration-service-provider#privacy-allowinputpersonalization) | Allow the use of cloud-based speech services for Cortana, dictation, or Store apps. | ✅ |   | ✅ |  | 
+| [AllowInputPersonalization](/windows/client-management/mdm/policy-configuration-service-provider#privacy-allowinputpersonalization) | Allow the use of cloud-based speech services for Cortana, dictation, or Store apps. | ✅ |   | ✅ |  |
 
 
-## Search 
+## Search
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
+| --- | --- | :---: | :---: | :---: | :---: |
 
 [AllowCloudSearch](/windows/client-management/mdm/policy-csp-search#search-allowcloudsearch) | Allow search and Cortana to search cloud sources like OneDrive and SharePoint. T   | ✅ |   |  |  |
 [AllowCortanaInAAD](/windows/client-management/mdm/policy-csp-search#search-allowcortanainaad) | This setting specifies whether the Cortana consent page can appear in the Azure Active Directory (AAD) device out-of-box-experience (OOBE) flow.    | ✅ |   |  |  |
@@ -411,11 +401,11 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [DisableRemovableDriveIndexing](/windows/client-management/mdm/policy-configuration-service-provider#search-disableremovabledriveindexing) | Configure whether locations on removable drives can be added to libraries. | ✅ |   |  |  |
 | [PreventIndexingLowDiskSpaceMB](/windows/client-management/mdm/policy-configuration-service-provider#search-preventindexinglowdiskspacemb) | Prevent indexing from continuing after less than the specified amount of hard drive space is left on the same drive as the index location. | ✅ |   |  |  |
 | [PreventRemoteQueries](/windows/client-management/mdm/policy-configuration-service-provider#search-preventremotequeries) | If enabled, clients will be unable to query this device's index remotely. | ✅ |   |  |  |
-| [SafeSearchPermissions](/windows/client-management/mdm/policy-configuration-service-provider#search-safesearchpermissions) | Specify the level of safe search (filtering adult content) required. |  |   |  |  | 
+| [SafeSearchPermissions](/windows/client-management/mdm/policy-configuration-service-provider#search-safesearchpermissions) | Specify the level of safe search (filtering adult content) required. |  |   |  |  |
 
- 
 
-## Security 
+
+## Security
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -425,9 +415,9 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [AntiTheftMode](/windows/client-management/mdm/policy-configuration-service-provider#security-antitheftmode) | Allow or disallow Anti Theft Mode on the device. |  |   |  |  |
 | [RequireDeviceEncryption](/windows/client-management/mdm/policy-configuration-service-provider#security-requiredeviceencryption) | Specify whether encryption is required. | ✅ |  ✅ | ✅ | ✅ |
 | [RequireProvisioningPackageSignature](/windows/client-management/mdm/policy-configuration-service-provider#security-requireprovisioningpackagesignature) | Specify whether provisioning packages must have a certificate signed by a device-trusted authority. | ✅ |  ✅ |  | ✅ |
-| [RequireRetrieveHealthCertificateOnBoot](/windows/client-management/mdm/policy-configuration-service-provider#security-requireretrievehealthcertificateonboot) | Specify whether to retrieve and post TCG Boot logs, and get or cache an encrypted or signed Health Attestation Report from the Microsoft Health Attestation Service when a device boots or reboots. | ✅ |   |  |  | 
+| [RequireRetrieveHealthCertificateOnBoot](/windows/client-management/mdm/policy-configuration-service-provider#security-requireretrievehealthcertificateonboot) | Specify whether to retrieve and post TCG Boot logs, and get or cache an encrypted or signed Health Attestation Report from the Microsoft Health Attestation Service when a device boots or reboots. | ✅ |   |  |  |
 
-## Settings 
+## Settings
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
@@ -435,9 +425,9 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [AllowDataSense](/windows/client-management/mdm/policy-configuration-service-provider#settings-allowdatasense) | Allow the user to change Data Sense settings. |  |   |  |  |
 | [AllowVPN](/windows/client-management/mdm/policy-configuration-service-provider#settings-allowvpn) | Allow the user to change VPN settings. |  |   | ✅ |  |
 | [ConfigureTaskbarCalendar](/windows/client-management/mdm/policy-configuration-service-provider#settings-configuretaskbarcalendar) | Configure the default setting for showing other calendars (besides the default calendar for the locale) in the taskbar clock and calendar flyout. | ✅ |   |  |  |
-[PageVisiblityList](/windows/client-management/mdm/policy-csp-settings#settings-pagevisibilitylist) | Allows IT admins to prevent specific pages in the System Settings app from being visible or accessible. Pages are identified by a shortened version of their already [published URIs](/windows/uwp/launch-resume/launch-settings-app#ms-settings-uri-scheme-reference), which is the URI minus the "ms-settings:" prefix. For example, if the URI for a settings page is "ms-settings:foo", the page identifier used in the policy will be just "foo". Multiple page identifiers are separated by semicolons.  | ✅ |   |  |  | 
+[PageVisiblityList](/windows/client-management/mdm/policy-csp-settings#settings-pagevisibilitylist) | Allows IT admins to prevent specific pages in the System Settings app from being visible or accessible. Pages are identified by a shortened version of their already [published URIs](/windows/uwp/launch-resume/launch-settings-app#ms-settings-uri-scheme-reference), which is the URI minus the "ms-settings:" prefix. For example, if the URI for a settings page is "ms-settings:foo", the page identifier used in the policy will be just "foo". Multiple page identifiers are separated by semicolons.  | ✅ |   |  |  |
 
-## Start 
+## Start
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
@@ -447,11 +437,9 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [AllowPinnedFolderHomeGroup](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfolderhomegroup) | Control the visibility of the Home Group shortcut on the Start menu.  | ✅ |  |  |  |
 | [AllowPinnedFolderMusic](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldermusic) | Control the visibility of the Music shortcut on the Start menu.  | ✅ |  |  |  |
 | [AllowPinnedFolderNetwork](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldernetwork) | Control the visibility of the Network shortcut on the Start menu.  | ✅ |  |  |  |
-| [AllowPinnedFolderPersonalFolder](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfolderpersonalfolder) | Control the visibility of the Personal Folder shortcut on the Start menu.  | ✅ |  |  |  |  
-
+| [AllowPinnedFolderPersonalFolder](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfolderpersonalfolder) | Control the visibility of the Personal Folder shortcut on the Start menu.  | ✅ |  |  |  |
 | [AllowPinnedFolderPictures](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfolderpictures) | Control the visibility of the Pictures shortcut on the Start menu.  | ✅ |  |  |  |
-| [AllowPinnedFolderSettings](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldersettings) | Control the visibility of the Settings shortcut on the Start menu.  | ✅ |  |  |  |  
-
+| [AllowPinnedFolderSettings](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldersettings) | Control the visibility of the Settings shortcut on the Start menu.  | ✅ |  |  |  |
 | [AllowPinnedFolderVideos](/windows/client-management/mdm/policy-csp-start#start-allowpinnedfoldervideos)  |Control the visibility of the Videos shortcut on the Start menu.   | ✅ |  |  |  |
 | DisableContextMenus | Prevent context menus from being invoked in the Start menu.  | ✅ |  |  |  |
 | [ForceStartSize](/windows/client-management/mdm/policy-configuration-service-provider#start-forcestartsize) | Force the size of the Start screen. | ✅ |  |  |  |
@@ -472,13 +460,12 @@ To configure multiple URLs for **Blocked URL Exceptions** or **Blocked URLs** in
 | [HideUserTile](/windows/client-management/mdm/policy-configuration-service-provider#start-hideusertile)  |  Hide the user tile. | ✅ |  |   |  |
 | [ImportEdgeAssets](/windows/client-management/mdm/policy-configuration-service-provider#start-importedgeassets) | Import Edge assets for secondary tiles. For more information, see [Add image for secondary Microsoft Edge tiles](../start-secondary-tiles.md).  | ✅ |  |  |  |
 | [NoPinningToTaskbar](/windows/client-management/mdm/policy-configuration-service-provider#start-nopinningtotaskbar) | Prevent users from pinning and unpinning apps on the taskbar. | ✅ |  |  |  |
-| [StartLayout](/windows/client-management/mdm/policy-configuration-service-provider#start-startlayout) | Apply a custom Start layout. For more information, see [Customize Windows 10 Start and taskbar with provisioning packages](../customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md) | ✅ |  |  |  | 
+| [StartLayout](/windows/client-management/mdm/policy-configuration-service-provider#start-startlayout) | Apply a custom Start layout. For more information, see [Customize Windows 10 Start and taskbar with provisioning packages](../customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md) | ✅ |  |  |  |
 
-## System 
+## System
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
+| --- | --- | :---: | :---: | :---: | :---: |
 | [AllowBuildPreview](/windows/client-management/mdm/policy-configuration-service-provider#system-allowbuildpreview) | Specify whether users can access the Insider build controls in the **Advanced Options** for Windows Update. | ✅ |  |  |  |
 | [AllowEmbeddedMode](/windows/client-management/mdm/policy-configuration-service-provider#system-allowembeddedmode) | Specify whether to set general purpose device to be in embedded mode. | ✅ |  ✅ |  | ✅ |
 | [AllowExperimentation](/windows/client-management/mdm/policy-configuration-service-provider#system-allowexperimentation) | Determine the level that Microsoft can experiment with the product to study user preferences or device behavior. | ✅ |  |  | |
@@ -491,10 +478,10 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl
 | DisableDeviceDelete | Specify whether the delete diagnostic data is enabled in the Diagnostic & Feedback Settings page. | ✅ |  |  |  |
 | DisableDataDiagnosticViewer | Configure whether users can enable and launch the Diagnostic Data Viewer from the Diagnostic & Feedback Settings page. | ✅ |  |  |  |
 | [DisableOneDriveFileSync](/windows/client-management/mdm/policy-configuration-service-provider#system-disableonedrivefilesync) | Prevent apps and features from working with files on OneDrive. | ✅ | |  |  |
-| [LimitEnhancedDiagnosticDataWindowsAnalytics](/windows/client-management/mdm/policy-csp-system#system-limitenhanceddiagnosticdatawindowsanalytics) | This policy setting, in combination with the System/AllowTelemetry policy setting, enables organizations to send Microsoft a specific set of diagnostic data for IT insights via Windows Analytics services. To enable this behavior you must enable this policy setting, and set Allow Telemetry to level 2 (Enhanced). When you configure these policy settings, a basic level of diagnostic data plus other events that are required for Windows Analytics are sent to Microsoft. These events are documented in [Windows 10, version 1703 basic level Windows diagnostic events and fields](/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields). Enabling enhanced diagnostic data in the System/AllowTelemetry policy in combination with not configuring this policy will also send the required events for Windows Analytics, plus other enhanced level diagnostic data. This setting has no effect on computers configured to send full, basic or security level diagnostic data to Microsoft. If you disable or don't configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy.  | ✅ |  |  |  | 
+| [LimitEnhancedDiagnosticDataWindowsAnalytics](/windows/client-management/mdm/policy-csp-system#system-limitenhanceddiagnosticdatawindowsanalytics) | This policy setting, in combination with the System/AllowTelemetry policy setting, enables organizations to send Microsoft a specific set of diagnostic data for IT insights via Windows Analytics services. To enable this behavior you must enable this policy setting, and set Allow Telemetry to level 2 (Enhanced). When you configure these policy settings, a basic level of diagnostic data plus other events that are required for Windows Analytics are sent to Microsoft. These events are documented in [Windows 10, version 1703 basic level Windows diagnostic events and fields](/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields). Enabling enhanced diagnostic data in the System/AllowTelemetry policy in combination with not configuring this policy will also send the required events for Windows Analytics, plus other enhanced level diagnostic data. This setting has no effect on computers configured to send full, basic or security level diagnostic data to Microsoft. If you disable or don't configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy.  | ✅ |  |  |  |
 
 
-## TextInput 
+## TextInput
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
@@ -507,22 +494,20 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl
 | [AllowJapaneseUserDictionary](/windows/client-management/mdm/policy-configuration-service-provider#textinput-allowjapaneseuserdictionary) | Allow the Japanese user dictionary. | ✅ |  |  |  |
 | [AllowKeyboardTextSuggestions](/windows/client-management/mdm/policy-configuration-service-provider#textinput-allowkeyboardtextsuggestions) | Specify whether text prediction is enabled or disabled for the on-screen keyboard, touch keyboard, and handwriting recognition tool. | ✅ |  |  |  |
 | [AllowLanguageFeaturesUninstall](/windows/client-management/mdm/policy-configuration-service-provider#textinput-allowlanguagefeaturesuninstall) | All language features to be uninstalled. | ✅ |  |  |  |
-| AllowUserInputsFromMiracastRecevier | Don't use. Instead, use [WirelessDisplay](#wirelessdisplay)/[AllowUserInputFromWirelessDisplayReceiver](/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver)  |  |  |  |  |  
-
+| AllowUserInputsFromMiracastRecevier | Don't use. Instead, use [WirelessDisplay](#wirelessdisplay)/[AllowUserInputFromWirelessDisplayReceiver](/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver)  |  |  |  |  |
 | [ExcludeJapaneseIMEExceptISO208](/windows/client-management/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptjis0208) | Allow users to restrict character code range of conversion by setting the character filter.  | ✅ |  |  |  |
 | [ExcludeJapaneseIMEExceptISO208andEUDC](/windows/client-management/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptjis0208andeudc) | Allow users to restrict character code range of conversion by setting the character filter.  | ✅ |  |  |  |
-| [ExcludeJapaneseIMEExceptShiftJIS](/windows/client-management/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptshiftjis) | Allow users to restrict character code range of conversion by setting the character filter. | ✅ |  |  |  | 
+| [ExcludeJapaneseIMEExceptShiftJIS](/windows/client-management/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptshiftjis) | Allow users to restrict character code range of conversion by setting the character filter. | ✅ |  |  |  |
 
 
-## TimeLanguageSettings 
+## TimeLanguageSettings
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
-
-| [AllowSet24HourClock](/windows/client-management/mdm/policy-configuration-service-provider#timelanguagesettings-allowset24hourclock) | Configure the default clock setting to be the 24 hour format. |  |  |  |  | 
+| --- | --- | :---: | :---: | :---: | :---: |
+| [AllowSet24HourClock](/windows/client-management/mdm/policy-configuration-service-provider#timelanguagesettings-allowset24hourclock) | Configure the default clock setting to be the 24 hour format. |  |  |  |  |
 
 
-## Update 
+## Update
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 |---------|-------------|:--------------:|:-----------:|:--------:|:--------:|
@@ -571,9 +556,9 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl
 | [SetEDURestart](/windows/client-management/mdm/policy-configuration-service-provider#update-setedurestart) | Skip the check for battery level to ensure that the reboot will happen at ScheduledInstallTime. | ✅ | ✅ | | ✅ |
 | UpdateNotificationLevel | Specify whether to enable or disable Windows Update notifications, including restart warnings. | ✅ | ✅ | | ✅ |
 | [UpdateServiceUrl](/windows/client-management/mdm/policy-configuration-service-provider#update-updateserviceurl) | Configure the device to check for updates from a WSUS server instead of Microsoft Update. | ✅ | ✅ | ✅ | ✅ |
-| [UpdateServiceUrlAlternate](/windows/client-management/mdm/policy-configuration-service-provider#update-updateserviceurlalternate) | Specify an alternate intranet server to host updates from Microsoft Update. | ✅ | ✅ | ✅ | ✅ | 
+| [UpdateServiceUrlAlternate](/windows/client-management/mdm/policy-configuration-service-provider#update-updateserviceurlalternate) | Specify an alternate intranet server to host updates from Microsoft Update. | ✅ | ✅ | ✅ | ✅ |
 
-## WiFi 
+## WiFi
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
@@ -581,25 +566,24 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl
 | [AllowInternetSharing](/windows/client-management/mdm/policy-configuration-service-provider#wifi-allowinternetsharing) | Allow Internet sharing. | ✅ |   |  |  |
 | [AllowManualWiFiConfiguration](/windows/client-management/mdm/policy-configuration-service-provider#wifi-allowmanualwificonfiguration) | Allow connecting to Wi-Fi outside of MDM server-installed networks. |  |   |  |  |
 | [AllowWiFi](/windows/client-management/mdm/policy-configuration-service-provider#wifi-allowwifi) | Allow Wi-Fi connections. |  |   |  |  |
-| [WLANScanMode](/windows/client-management/mdm/policy-configuration-service-provider#wifi-wlanscanmode) | Configure the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected. | ✅ | ✅ |  | ✅ | 
+| [WLANScanMode](/windows/client-management/mdm/policy-configuration-service-provider#wifi-wlanscanmode) | Configure the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected. | ✅ | ✅ |  | ✅ |
 
-## WindowsInkWorkspace 
+## WindowsInkWorkspace
 
 | Setting | Description | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: |
 | [AllowSuggestedAppsInWindowsInkWorkspace](/windows/client-management/mdm/policy-configuration-service-provider#windowsinkworkspace-allowsuggestedappsinwindowsinkworkspace) | Show recommended app suggestions in the ink workspace. | ✅ |  |  |  |
-| [AllowWindowsInkWorkspace](/windows/client-management/mdm/policy-configuration-service-provider#windowsinkworkspace-allowwindowsinkworkspace) | Specify whether to allow the user to access the ink workspace. | ✅ |  |  |  | 
+| [AllowWindowsInkWorkspace](/windows/client-management/mdm/policy-configuration-service-provider#windowsinkworkspace-allowwindowsinkworkspace) | Specify whether to allow the user to access the ink workspace. | ✅ |  |  |  |
 
 
-## WindowsLogon 
+## WindowsLogon
 
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
-| --- | --- | :---: | :---: | :---: | :---: | 
+| --- | --- | :---: | :---: | :---: | :---: |
+| [HideFastUserSwitching](/windows/client-management/mdm/policy-configuration-service-provider#windowslogon-hidefastuserswitching) | Hide the **Switch account** button on the sign-in screen, Start, and the Task Manager. | ✅ |  |  |  |
 
-| [HideFastUserSwitching](/windows/client-management/mdm/policy-configuration-service-provider#windowslogon-hidefastuserswitching) | Hide the **Switch account** button on the sign-in screen, Start, and the Task Manager. | ✅ |  |  |  | 
-
-## WirelessDisplay 
+## WirelessDisplay
 
 | Setting | Description | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: |  :---: | :---: | :---: |
diff --git a/windows/configuration/wcd/wcd-privacy.md b/windows/configuration/wcd/wcd-privacy.md
index 66ea7c7c6d..ca74f470f4 100644
--- a/windows/configuration/wcd/wcd-privacy.md
+++ b/windows/configuration/wcd/wcd-privacy.md
@@ -1,26 +1,26 @@
 ---
 title: Privacy
-description: This section describes the Privacy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Privacy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# Privacy (Windows Configuration Designer reference) 
+# Privacy (Windows Configuration Designer reference)
 
-Use **Privacy** to configure settings for app activation with voice. 
+Use **Privacy** to configure settings for app activation with voice.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client |  Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅  |  ✅ |  | ✅ | 
+| All settings | ✅  |  ✅ |  | ✅ |
 
-## LetAppsActivateWithVoice 
-
-Select between **User is in control**, **Force allow**, or **Force deny**. 
-
-## LetAppsActivateWithVoiceAboveLock 
+## LetAppsActivateWithVoice
+
+Select between **User is in control**, **Force allow**, or **Force deny**.
+
+## LetAppsActivateWithVoiceAboveLock
 
 Select between **User is in control**, **Force allow**, or **Force deny**.
diff --git a/windows/configuration/wcd/wcd-provisioningcommands.md b/windows/configuration/wcd/wcd-provisioningcommands.md
index c83f27b220..6fc53122f4 100644
--- a/windows/configuration/wcd/wcd-provisioningcommands.md
+++ b/windows/configuration/wcd/wcd-provisioningcommands.md
@@ -1,26 +1,25 @@
 ---
 title: ProvisioningCommands
-description: This section describes the ProvisioningCommands settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the ProvisioningCommands settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# ProvisioningCommands (Windows Configuration Designer reference) 
+# ProvisioningCommands (Windows Configuration Designer reference)
 
-Use ProvisioningCommands settings to install Windows desktop applications using a provisioning package.  
+Use ProvisioningCommands settings to install Windows desktop applications using a provisioning package.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
+| All settings | ✅  |  |  |  |
+
+For instructions on adding apps to provisioning packages, see [Provision PCs with apps](../provisioning-packages/provision-pcs-with-apps.md).
+
 
-| All settings | ✅  |  |  |  |   
-
-For instructions on adding apps to provisioning packages, see [Provision PCs with apps](../provisioning-packages/provision-pcs-with-apps.md). 
-
- 
 
 
diff --git a/windows/configuration/wcd/wcd-sharedpc.md b/windows/configuration/wcd/wcd-sharedpc.md
index 1124b2ef72..58f8edb0cc 100644
--- a/windows/configuration/wcd/wcd-sharedpc.md
+++ b/windows/configuration/wcd/wcd-sharedpc.md
@@ -1,27 +1,27 @@
 ---
 title: SharedPC
-description: This section describes the SharedPC settings that you can configure in provisioning packages for Windows using Windows Configuration Designer. 
+description: This section describes the SharedPC settings that you can configure in provisioning packages for Windows using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 10/16/2017 
+ms.date: 10/16/2017
 
---- 
+---
 
-# SharedPC (Windows Configuration Designer reference) 
+# SharedPC (Windows Configuration Designer reference)
 
-Use SharedPC settings to optimize Windows devices for shared use scenarios, such as touchdown spaces in an enterprise and temporary customer use in retail. 
+Use SharedPC settings to optimize Windows devices for shared use scenarios, such as touchdown spaces in an enterprise and temporary customer use in retail.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
 
-| All settings | ✅  |  |  |  | 
+| All settings | ✅  |  |  |  |
 
-## AccountManagement 
+## AccountManagement
 
-Use these settings to configure settings for accounts allowed on the shared PC. 
+Use these settings to configure settings for accounts allowed on the shared PC.
 
 | Setting | Value | Description |
 | --- | --- | --- |
@@ -32,20 +32,20 @@ Use these settings to configure settings for accounts allowed on the shared PC.
 | EnableAccountManager  | True or false  | Set as **True** to enable automatic account management. When set to **False**, no automatic account management will be done.  |
 | InactiveThreshold  | Number  | If you set **DeletionPolicy** to **Delete at disk space threshold and inactive threshold**, set the number of days after which an account that hasn't signed in will be deleted.  |
 | KioskModeAUMID  | String  | Set an Application User Model ID (AUMID) to enable the kiosk account on the sign in screen. A new account will be created and will use assigned access to only run the app specified by the AUMID. The app must be installed on the PC. Set the name of the account using **KioskModeUserTileDisplayText**, or a default name will be used. [Find the Application User Model ID of an installed app](/previous-versions/windows/embedded/dn449300(v=winembedded.82))  |
-| KioskModeUserTileDisplayText  | String  | Sets the display text on the kiosk account if **KioskModeAUMID** has been set.  | 
+| KioskModeUserTileDisplayText  | String  | Sets the display text on the kiosk account if **KioskModeAUMID** has been set.  |
 
-## EnableSharedPCMode 
+## EnableSharedPCMode
 
-Set as **True** to enable **Shared PC Mode**. This setting controls this API: [IsEnabled](/uwp/api/windows.system.profile.sharedmodesettings). 
+Set as **True** to enable **Shared PC Mode**. This setting controls this API: [IsEnabled](/uwp/api/windows.system.profile.sharedmodesettings).
 
-## EnableSharedPCModeWithOneDriveSync 
+## EnableSharedPCModeWithOneDriveSync
 
-Set as **True** to enable **Shared PC Mode**. This setting controls this API: [IsEnabled](/uwp/api/windows.system.profile.sharedmodesettings). 
+Set as **True** to enable **Shared PC Mode**. This setting controls this API: [IsEnabled](/uwp/api/windows.system.profile.sharedmodesettings).
 
 
-## PolicyCustomization 
+## PolicyCustomization
 
-Use these settings to configure additional Shared PC policies. 
+Use these settings to configure additional Shared PC policies.
 
 | Setting | Value | Description |
 | --- | --- | --- |
@@ -55,8 +55,8 @@ Use these settings to configure additional Shared PC policies.
 | SetEduPolicies  | True or false  | Set to **True** for PCs that will be used in a school. For more information, see [Windows 10 configuration recommendations for education customers](/education/windows/configure-windows-for-education). This setting controls this API: [IsEducationEnvironment](/uwp/api/windows.system.profile.educationsettings)  |
 | SetPowerPolicies  | True or false  | When set as **True**:</br></br>- Prevents users from changing power settings</br>- Turns off hibernate</br>- Overrides all power state transitions to sleep, such as a lid close.  |
 | SignInOnResume  | True or false  | This setting specifies if the user is required to sign in with a password when the PC wakes from sleep.  |
-| SleepTimeout  | Number  | Specifies all timeouts for when the PC should sleep. Enter the amount of idle time in seconds. If you don't set sleep timeout, the default of 1 hour applies.  | 
+| SleepTimeout  | Number  | Specifies all timeouts for when the PC should sleep. Enter the amount of idle time in seconds. If you don't set sleep timeout, the default of 1 hour applies.  |
 
-## Related articles 
+## Related articles
 
 - [Set up shared or guest PC](../set-up-shared-or-guest-pc.md)
diff --git a/windows/configuration/wcd/wcd-smisettings.md b/windows/configuration/wcd/wcd-smisettings.md
index fb93c725da..9264ee0f45 100644
--- a/windows/configuration/wcd/wcd-smisettings.md
+++ b/windows/configuration/wcd/wcd-smisettings.md
@@ -1,27 +1,26 @@
 ---
 title: SMISettings
-description: This section describes the SMISettings settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the SMISettings settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 03/30/2018 
+ms.date: 03/30/2018
 
---- 
+---
 
-# SMISettings (Windows Configuration Designer reference) 
+# SMISettings (Windows Configuration Designer reference)
 
-Use SMISettings settings to customize the device with custom shell, suppress Windows UI during boot and sign-in, and block or allow specific keys. 
+Use SMISettings settings to customize the device with custom shell, suppress Windows UI during boot and sign-in, and block or allow specific keys.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
+| All settings | ✅  |  |  |  |
 
-| All settings | ✅  |  |  |  | 
+## All settings in SMISettings
 
-## All settings in SMISettings 
-
-The following table describes the settings in SMISettings. Some settings have more details in sections after the table. 
+The following table describes the settings in SMISettings. Some settings have more details in sections after the table.
 
 | Setting | Value | Description |
 | --- | --- | --- |
@@ -39,13 +38,13 @@ The following table describes the settings in SMISettings. Some settings have mo
 | KeyboardFilter | See [KeyboardFilter settings](#keyboardfilter-settings) | Use these settings to configure devices to suppress key presses or key combinations. |
 | NoLockScreen | True or false | Disables the lock screen functionality and UI elements  |
 | ShellLauncher | See [ShellLauncher settings](#shelllauncher-settings) | Settings used to specify the application or executable to use as the default custom shell. |
-| UIVerbosityLevel | Suppress or don't suppress | Disables the Windows status messages during device startup, sign-in, and shut down. | 
+| UIVerbosityLevel | Suppress or don't suppress | Disables the Windows status messages during device startup, sign-in, and shut down. |
 
-## BrandingNeutral values 
+## BrandingNeutral values
 
-The following table shows the possible values. You can combine these values using bitwise exclusive-OR logic to disable multiple Welcome screen UI elements. 
+The following table shows the possible values. You can combine these values using bitwise exclusive-OR logic to disable multiple Welcome screen UI elements.
 
-The default value is **17**, which disables all Welcome screen UI elements and the Switch user button. 
+The default value is **17**, which disables all Welcome screen UI elements and the Switch user button.
 
 | Value | Description |
 | --- | --- |
@@ -55,15 +54,15 @@ The default value is **17**, which disables all Welcome screen UI elements and t
 | 8 | Disables the Ease of access button |
 | 16 | Disables the Switch user button |
 | 32 | Disables the blocked shutdown resolver (BSDR) screen. Restarting or shutting down the system causes the OS to immediately force close any applications that are blocking the system shutdown. No UI is displayed, and users aren't given a chance to cancel the shutdown process. This value can result in a loss of data if any open applications have unsaved data. |
- 
 
-## CrashDumpEnabled values 
 
-If the system stops unexpectedly, choose the type of information to capture in a dump (.dmp) file. 
+## CrashDumpEnabled values
 
-The .dmp file is typically saved in %SystemRoot% as Memory.dmp. 
+If the system stops unexpectedly, choose the type of information to capture in a dump (.dmp) file.
 
-Set CrashDumpEnabled to one of the following values: 
+The .dmp file is typically saved in %SystemRoot% as Memory.dmp.
+
+Set CrashDumpEnabled to one of the following values:
 
 | Value | Description |
 | --- | --- |
@@ -73,13 +72,13 @@ Set CrashDumpEnabled to one of the following values:
 | 4 | Records the smallest amount of useful information. This value produces the same results as entering a value of 3. |
 | 7 | Records only the kernel memory. This value produces the same results as entering a value of 2. This is the default value. |
 | Any other value | Disables crash dump and doesn't record anything. |
- 
 
-## KeyboardFilter settings 
 
-Use these settings to suppress undesirable key presses or key combinations. KeyboardFilter works with physical keyboards, the Windows on-screen keyboard, and the touch keyboard. 
+## KeyboardFilter settings
 
-When you **enable** KeyboardFilter, many other settings become available for configuration. 
+Use these settings to suppress undesirable key presses or key combinations. KeyboardFilter works with physical keyboards, the Windows on-screen keyboard, and the touch keyboard.
+
+When you **enable** KeyboardFilter, many other settings become available for configuration.
 
 | Setting | Value | Description |
 | --- | --- | --- |
@@ -87,25 +86,25 @@ When you **enable** KeyboardFilter, many other settings become available for con
 | CustomScancodeFilters  | Allow or block | Blocks the list of custom scan codes. When a key is pressed on a physical keyboard, the keyboard sends a scan code to the keyboard driver. The driver then sends the scan code to the OS and the OS converts the scan code into a virtual key based on the current active layout.</br></br>Enter a custom scan code in **CustomScancodeFilter**, and then select it to allow or block it. For more information, see [WEKF_Scancode](/windows-hardware/customize/enterprise/wekf-scancode). |
 | DisableKeyboardFilterForAdministrators  | True or false | Disables the keyboard filter for administrators. |
 | ForceOffAccessibility  | True or false | Disables all Ease of Access features and prevents users from enabling them.  |
-| PredefinedKeyFilters  | Allow or block | Specifies the list of predefined keys. For each key, the value will default to **Allow**. Specifying **Block** will suppress the key combination.  | 
+| PredefinedKeyFilters  | Allow or block | Specifies the list of predefined keys. For each key, the value will default to **Allow**. Specifying **Block** will suppress the key combination.  |
 
-[Learn more about using keyboard filters.](/windows-hardware/customize/enterprise/keyboardfilter) 
+[Learn more about using keyboard filters.](/windows-hardware/customize/enterprise/keyboardfilter)
 
-## ShellLauncher settings 
+## ShellLauncher settings
 
-Use ShellLauncher to specify the application or executable to use as the default custom shell. One use of ShellLauncher is to [create a kiosk (fixed-purpose) device running a Windows desktop application](/windows/configuration/set-up-a-kiosk-for-windows-10-for-desktop-editions#shell-launcher-for-classic-windows-applications). 
+Use ShellLauncher to specify the application or executable to use as the default custom shell. One use of ShellLauncher is to [create a kiosk (fixed-purpose) device running a Windows desktop application](/windows/configuration/set-up-a-kiosk-for-windows-10-for-desktop-editions#shell-launcher-for-classic-windows-applications).
 
 >[!WARNING]
->Windows 10 doesn’t support setting a custom shell prior to OOBE. If you do, you won’t be able to deploy the resulting image. 
+>Windows 10 doesn't support setting a custom shell prior to OOBE. If you do, you won't be able to deploy the resulting image.
 
-You can also configure ShellLauncher to launch different shell applications for different users or user groups. 
+You can also configure ShellLauncher to launch different shell applications for different users or user groups.
 
 >[!IMPORTANT]
 >You may specify any executable file to be the default shell except C:\Windows\System32\Eshell.exe. Using Eshell.exe as the default shell will result in a blank screen after a user signs in.
 >
->You cannot use ShellLauncher to launch a Windows app as a custom shell. However, you can use Windows 10 application launcher to launch a Windows app at startup. 
+>You cannot use ShellLauncher to launch a Windows app as a custom shell. However, you can use Windows 10 application launcher to launch a Windows app at startup.
 
-ShellLauncher processes the Run and RunOnce registry keys before starting the custom shell. So, your custom shell doesn't need to handle the automatic startup of other applications or services. ShellLauncher also handles the behavior of the system when your custom shell exits. You can configure the shell exit behavior if the default behavior doesn't meet your needs. 
+ShellLauncher processes the Run and RunOnce registry keys before starting the custom shell. So, your custom shell doesn't need to handle the automatic startup of other applications or services. ShellLauncher also handles the behavior of the system when your custom shell exits. You can configure the shell exit behavior if the default behavior doesn't meet your needs.
 
 >[!IMPORTANT]
 >A custom shell is launched with the same level of user rights as the account that is signed in. This means that a user with administrator rights can perform any system action that requires administrator rights, including launching other applications with administrator rights, while a user without administrator rights cannot. If your shell application requires administrator rights and needs to be elevated, and User Account Control (UAC) is present on your device, you must disable UAC in order for ShellLauncher to launch the shell application.
diff --git a/windows/configuration/wcd/wcd-start.md b/windows/configuration/wcd/wcd-start.md
index 662dafb26b..776e808769 100644
--- a/windows/configuration/wcd/wcd-start.md
+++ b/windows/configuration/wcd/wcd-start.md
@@ -1,28 +1,27 @@
 ---
 title: Start
-description: This section describes the Start settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Start settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# Start (Windows Configuration Designer reference) 
+# Start (Windows Configuration Designer reference)
 
-Use Start settings to apply a customized Start screen to devices. 
+Use Start settings to apply a customized Start screen to devices.
 
-## Applies to 
+## Applies to
 
-| Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
-
-| StartLayout | ✅  | |  |  | 
+| Setting | Windows client | Surface Hub | HoloLens | IoT Core |
+|--|:-:|:-:|:-:|:-:|
+| StartLayout | ✅ |  |  |  |
 
 >[!IMPORTANT]
->The StartLayout setting is available in the advanced provisioning for Windows 10, but shouldn't be used. For Windows client, use [Policies > StartLayout](wcd-policies.md#start). 
+>The StartLayout setting is available in the advanced provisioning for Windows 10, but shouldn't be used. For Windows client, use [Policies > StartLayout](wcd-policies.md#start).
 
-## StartLayout 
+## StartLayout
 
-Use StartLayout to select the `LayoutModification.xml` file that applies a customized Start screen. 
+Use StartLayout to select the `LayoutModification.xml` file that applies a customized Start screen.
 
diff --git a/windows/configuration/wcd/wcd-startupapp.md b/windows/configuration/wcd/wcd-startupapp.md
index 644be56d3a..7e7a0e1e7a 100644
--- a/windows/configuration/wcd/wcd-startupapp.md
+++ b/windows/configuration/wcd/wcd-startupapp.md
@@ -1,22 +1,21 @@
 ---
 title: StartupApp
-description: This section describes the StartupApp settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the StartupApp settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# StartupApp (Windows Configuration Designer reference) 
+# StartupApp (Windows Configuration Designer reference)
 
-Use StartupApp settings to configure the default app that will run on start for Windows 10 IoT Core (IoT Core) devices. 
+Use StartupApp settings to configure the default app that will run on start for Windows 10 IoT Core (IoT Core) devices.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
-
-| Default |  |  |  |  ✅ | 
+| --- | :---: | :---: | :---: | :---: |
+| Default |  |  |  |  ✅ |
 
 Enter the [Application User Model ID (AUMID)](/windows-hardware/customize/enterprise/find-the-application-user-model-id-of-an-installed-app) for the default app.
diff --git a/windows/configuration/wcd/wcd-startupbackgroundtasks.md b/windows/configuration/wcd/wcd-startupbackgroundtasks.md
index 4a4a4cf444..860f909420 100644
--- a/windows/configuration/wcd/wcd-startupbackgroundtasks.md
+++ b/windows/configuration/wcd/wcd-startupbackgroundtasks.md
@@ -1,20 +1,20 @@
 ---
 title: StartupBackgroundTasks
-description: This section describes the StartupBackgroundTasks settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the StartupBackgroundTasks settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# StartupBackgroundTasks (Windows Configuration Designer reference) 
+# StartupBackgroundTasks (Windows Configuration Designer reference)
 
-Documentation not available at this time. 
+Documentation not available at this time.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |  |  |  |  ✅ | 
+| All settings |  |  |  |  ✅ |
 
diff --git a/windows/configuration/wcd/wcd-storaged3inmodernstandby.md b/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
index e7193fcfa8..2c9ee4bc2e 100644
--- a/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
+++ b/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
@@ -1,24 +1,24 @@
 ---
 title: StorageD3InModernStandby
-description: This section describes the StorageD3InModernStandby settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the StorageD3InModernStandby settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# StorageD3InModernStandby (Windows Configuration Designer reference) 
+# StorageD3InModernStandby (Windows Configuration Designer reference)
 
-Use **StorageD3InModernStandby** to enable or disable low-power state (D3) during standby. When set to **Enable Storage Device D3**, SATA and NVMe devices can enter the D3 state when: 
+Use **StorageD3InModernStandby** to enable or disable low-power state (D3) during standby. When set to **Enable Storage Device D3**, SATA and NVMe devices can enter the D3 state when:
 
 - The system transits to modern standby state.
-- If they're using a Microsoft inbox driver such as StorAHCI, StorNVMe 
+- If they're using a Microsoft inbox driver such as StorAHCI, StorNVMe
 
-[Learn more about device power states.](/windows-hardware/drivers/kernel/device-power-states) 
+[Learn more about device power states.](/windows-hardware/drivers/kernel/device-power-states)
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
 
 | All settings | ✅  | ✅ |  | ✅ |
diff --git a/windows/configuration/wcd/wcd-surfacehubmanagement.md b/windows/configuration/wcd/wcd-surfacehubmanagement.md
index d1712c3714..88350a4e57 100644
--- a/windows/configuration/wcd/wcd-surfacehubmanagement.md
+++ b/windows/configuration/wcd/wcd-surfacehubmanagement.md
@@ -1,34 +1,33 @@
 ---
 title: SurfaceHubManagement
-description: This section describes the SurfaceHubManagement settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the SurfaceHubManagement settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# SurfaceHubManagement (Windows Configuration Designer reference) 
+# SurfaceHubManagement (Windows Configuration Designer reference)
 
-Use SurfaceHubManagement settings to set the administrator group that will manage a Surface Hub that is joined to the domain. 
+Use SurfaceHubManagement settings to set the administrator group that will manage a Surface Hub that is joined to the domain.
 
 >[!IMPORTANT]
->These settings should be used only in provisioning packages that are applied during OOBE. 
+>These settings should be used only in provisioning packages that are applied during OOBE.
 
- 
 
-## Applies to 
+
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
-
-| All settings |   | ✅ |  |   | 
+| --- | :---: | :---: | :---: | :---: |
+| All settings |   | ✅ |  |   |
 
 
-## GroupName 
+## GroupName
 
-Enter the group name for the administrators' group in Active Directory. 
+Enter the group name for the administrators' group in Active Directory.
 
-## GroupSid 
+## GroupSid
 
 Enter the SID or the administrators' group in Active Directory.
diff --git a/windows/configuration/wcd/wcd-takeatest.md b/windows/configuration/wcd/wcd-takeatest.md
index 8003a9c58b..705af5ef83 100644
--- a/windows/configuration/wcd/wcd-takeatest.md
+++ b/windows/configuration/wcd/wcd-takeatest.md
@@ -1,45 +1,45 @@
 ---
 title: TakeATest
-description: This section describes the TakeATest settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the TakeATest settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
-ms.date: 09/06/2017 
+ms.date: 09/06/2017
 
---- 
+---
 
-# TakeATest (Windows Configuration Designer reference) 
+# TakeATest (Windows Configuration Designer reference)
 
-Use TakeATest to configure the Take A Test app, a secure browser for test-taking. Many schools use online testing for formative and summative assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test. For more information, see [Take tests in Windows 10](/education/windows/take-tests-in-windows-10). 
+Use TakeATest to configure the Take A Test app, a secure browser for test-taking. Many schools use online testing for formative and summative assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test. For more information, see [Take tests in Windows 10](/education/windows/take-tests-in-windows-10).
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅ |  |  |   | 
+| All settings | ✅ |  |  |   |
 
-## AllowScreenMonitoring 
+## AllowScreenMonitoring
 
-When set to True, students can record and take screen captures in the Take A Test app. 
+When set to True, students can record and take screen captures in the Take A Test app.
 
-## AllowTextSuggestions 
+## AllowTextSuggestions
 
-When set to True, students can see autofill suggestions from onscreen keyboards when typing in the Take A Test app. 
+When set to True, students can see autofill suggestions from onscreen keyboards when typing in the Take A Test app.
 
-## LaunchURI 
+## LaunchURI
 
-Enter a link to an assessment that will be automatically loaded when the Take A Test app is opened. 
+Enter a link to an assessment that will be automatically loaded when the Take A Test app is opened.
 
-## RequirePrinting 
+## RequirePrinting
 
-When set to True, students can print in the Take A Test app. 
+When set to True, students can print in the Take A Test app.
 
-## TesterAccount 
+## TesterAccount
 
-Enter the account to use when taking a test. 
+Enter the account to use when taking a test.
 
-To specify a domain account, enter **domain\user**. To specify a Microsoft Entra account, enter `username@tenant.com`. To specify a local account, enter the username. 
+To specify a domain account, enter **domain\user**. To specify a Microsoft Entra account, enter `username@tenant.com`. To specify a local account, enter the username.
 
-## Related articles 
+## Related articles
 
 - [SecureAssessment configuration service provider (CSP)](/windows/client-management/mdm/secureassessment-csp)
diff --git a/windows/configuration/wcd/wcd-time.md b/windows/configuration/wcd/wcd-time.md
index c4bbeebd72..2353f40a4b 100644
--- a/windows/configuration/wcd/wcd-time.md
+++ b/windows/configuration/wcd/wcd-time.md
@@ -1,33 +1,33 @@
 ---
 title: Time
-description: This section describes the Time settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Time settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# Time 
+# Time
 
-Use **Time** to configure settings for time zone setup for Windows 10, version (TBD) and later.  
+Use **Time** to configure settings for time zone setup for Windows 10, version (TBD) and later.
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| [ProvisionSetTimeZone](#provisionsettimezone) | ✅ |  |  |  | 
+| [ProvisionSetTimeZone](#provisionsettimezone) | ✅ |  |  |  |
 
-## ProvisionSetTimeZone 
+## ProvisionSetTimeZone
 
-Set to **True** to skip time zone assignment when the first user signs in, in which case the device will remain in its default time zone. For the proper configuration, you should also use **Policies > TimeLanguageSettings > ConfigureTimeZone** to set the default time zone. 
+Set to **True** to skip time zone assignment when the first user signs in, in which case the device will remain in its default time zone. For the proper configuration, you should also use **Policies > TimeLanguageSettings > ConfigureTimeZone** to set the default time zone.
 
 >[!TIP]
->Configuring a time zone in **Policies > TimeLanguageSettings > ConfigureTimeZone** accomplishes the same purpose as setting **ProvisionSetTimeZone** to **True**, so you don't need to configure both settings. 
+>Configuring a time zone in **Policies > TimeLanguageSettings > ConfigureTimeZone** accomplishes the same purpose as setting **ProvisionSetTimeZone** to **True**, so you don't need to configure both settings.
 
-Set to **False** for time zone assignment to occur when the first user signs in. The user will be prompted to select a time zone during first sign-in. 
+Set to **False** for time zone assignment to occur when the first user signs in. The user will be prompted to select a time zone during first sign-in.
 
 >[!NOTE]
->Do not set **Time > ProvisionSetTimeZone** to **False** and also set a time zone in **Policies > TimeLanguageSettings > ConfigureTimeZone**. 
+>Do not set **Time > ProvisionSetTimeZone** to **False** and also set a time zone in **Policies > TimeLanguageSettings > ConfigureTimeZone**.
+
 
- 
 
diff --git a/windows/configuration/wcd/wcd-unifiedwritefilter.md b/windows/configuration/wcd/wcd-unifiedwritefilter.md
index 97384e5c14..1e911e15ba 100644
--- a/windows/configuration/wcd/wcd-unifiedwritefilter.md
+++ b/windows/configuration/wcd/wcd-unifiedwritefilter.md
@@ -1,82 +1,82 @@
 ---
 title: UnifiedWriteFilter
-description: This section describes the UnifiedWriteFilter settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the UnifiedWriteFilter settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# UnifiedWriteFilter (reference) 
+# UnifiedWriteFilter (reference)
 
 
-Use UnifiedWriteFilter to configure settings for the Unified Write Filter (UWF). It helps protect your physical storage media, including most standard writable storage types that are supported by the OS, such as: 
+Use UnifiedWriteFilter to configure settings for the Unified Write Filter (UWF). It helps protect your physical storage media, including most standard writable storage types that are supported by the OS, such as:
 
 - Physical hard disks
 - Solidate-state drives
 - Internal USB devices
 - External SATA devices
-- And so on 
+- And so on
 
-You can also use UWF to make read-only media appear to the OS as a writeable volume. 
+You can also use UWF to make read-only media appear to the OS as a writeable volume.
 
 >[!IMPORTANT]
->You can't use UWF to protect external USB devices or flash drives. 
+>You can't use UWF to protect external USB devices or flash drives.
 
-UWF intercepts all write attempts to a protected volume and redirects these write attempts to a virtual overlay. This feature improves the reliability and stability of your device. It also reduces the wear on write-sensitive media, such as flash memory media like solid-state drives. 
+UWF intercepts all write attempts to a protected volume and redirects these write attempts to a virtual overlay. This feature improves the reliability and stability of your device. It also reduces the wear on write-sensitive media, such as flash memory media like solid-state drives.
 
-The overlay doesn't mirror the entire volume. It dynamically grows to keep track of redirected writes. Generally, the overlay is stored in system memory. You can cache a portion of the overlay on a physical volume. 
+The overlay doesn't mirror the entire volume. It dynamically grows to keep track of redirected writes. Generally, the overlay is stored in system memory. You can cache a portion of the overlay on a physical volume.
 
 >[!NOTE]
->UWF fully supports the NTFS system; however, during device startup, NTFS file system journal files can write to a protected volume before UWF has loaded and started protecting the volume.  
+>UWF fully supports the NTFS system; however, during device startup, NTFS file system journal files can write to a protected volume before UWF has loaded and started protecting the volume.
 
-[Learn more about the Unified Write Filter feature.](/windows-hardware/customize/enterprise/unified-write-filter) 
+[Learn more about the Unified Write Filter feature.](/windows-hardware/customize/enterprise/unified-write-filter)
 
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings | ✅ |  |  |  ✅ | 
+| All settings | ✅ |  |  |  ✅ |
 
-## FilterEnabled 
+## FilterEnabled
 
-Set to **True** to enable UWF. 
+Set to **True** to enable UWF.
 
-## OverlayFlags 
+## OverlayFlags
 
-OverlayFlags specifies whether to allow writes to unused space on the volume to pass through, and not redirect to the overlay file. Enabling this setting helps conserve space on the overlay file.  
+OverlayFlags specifies whether to allow writes to unused space on the volume to pass through, and not redirect to the overlay file. Enabling this setting helps conserve space on the overlay file.
 
 - Value `0` (default value when [OverlayType](#overlaytype) isn't **Disk**): writes are redirected to the overlay file
-- Value `1`(default value when [OverlayType](#overlaytype) is  **Disk**): writes to unused space on the volume are allowed to pass through without being redirected to the overlay file. 
+- Value `1`(default value when [OverlayType](#overlaytype) is  **Disk**): writes to unused space on the volume are allowed to pass through without being redirected to the overlay file.
 
-## OverlaySize 
+## OverlaySize
 
-Enter the maximum overlay size, in megabytes (MB), for the UWF overlay. The minimum value for maximum overlay size is 1024. 
+Enter the maximum overlay size, in megabytes (MB), for the UWF overlay. The minimum value for maximum overlay size is 1024.
 
 >[!NOTE]
->UnifiedWriteFilter must be enabled for this setting to work. 
+>UnifiedWriteFilter must be enabled for this setting to work.
 
-## OverlayType 
+## OverlayType
 
-OverlayType specifies where the overlay is stored. Select between **RAM** (default) and **Disk** (pre-allocated file on the system volume).  
+OverlayType specifies where the overlay is stored. Select between **RAM** (default) and **Disk** (pre-allocated file on the system volume).
 
-## RegistryExclusions 
+## RegistryExclusions
 
-You can add or remove registry entries that will be excluded from UWF filtering. When a registry key is in the exclusion list, all writes to that registry key bypass UWF filtering. They're written directly to the registry and persist after the device restarts. 
+You can add or remove registry entries that will be excluded from UWF filtering. When a registry key is in the exclusion list, all writes to that registry key bypass UWF filtering. They're written directly to the registry and persist after the device restarts.
 
-Use **Add** to add a registry entry to the exclusion list after you restart the device. 
+Use **Add** to add a registry entry to the exclusion list after you restart the device.
 
-Use **Remove** to remove a registry entry from the exclusion list after you restart the device. 
+Use **Remove** to remove a registry entry from the exclusion list after you restart the device.
 
-## ResetPersistentState 
+## ResetPersistentState
 
-Set to **True** to reset UWF settings to the original state that was captured at installation time. 
+Set to **True** to reset UWF settings to the original state that was captured at installation time.
 
-## Volumes 
+## Volumes
 
-Enter a drive letter for a volume to be protected by UWF.  
+Enter a drive letter for a volume to be protected by UWF.
 
 >[!NOTE]
 >In the current OS release, Windows Configuration Designer contains a validation bug. To work around this issue, you must include a ":" after the drive letter when specifying the value for the setting. For example, if you are specifying the C drive, you must set DriveLetter to "C:" instead of just "C".
diff --git a/windows/configuration/wcd/wcd-usberrorsoemoverride.md b/windows/configuration/wcd/wcd-usberrorsoemoverride.md
index be6727e5a8..27ffbe7e32 100644
--- a/windows/configuration/wcd/wcd-usberrorsoemoverride.md
+++ b/windows/configuration/wcd/wcd-usberrorsoemoverride.md
@@ -1,26 +1,25 @@
 ---
 title: UsbErrorsOEMOverride
-description: This section describes the UsbErrorsOEMOverride settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the UsbErrorsOEMOverride settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# UsbErrorsOEMOverride (reference) 
+# UsbErrorsOEMOverride (reference)
 
 
-Allows an OEM to hide the USB option UI in Settings and all USB device errors.  
+Allows an OEM to hide the USB option UI in Settings and all USB device errors.
 
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
+| [HideUsbErrorNotifyOptionUI](#hideusberrornotifyoptionui) | ✅ | ✅ | ✅ |   |
 
-| [HideUsbErrorNotifyOptionUI](#hideusberrornotifyoptionui) | ✅ | ✅ | ✅ |   | 
-
-## HideUsbErrorNotifyOptionUI 
+## HideUsbErrorNotifyOptionUI
 
 Configure to **Show** or **Hide** the USB error notification.
diff --git a/windows/configuration/wcd/wcd-weakcharger.md b/windows/configuration/wcd/wcd-weakcharger.md
index b223ad46dd..f4fbc24a52 100644
--- a/windows/configuration/wcd/wcd-weakcharger.md
+++ b/windows/configuration/wcd/wcd-weakcharger.md
@@ -1,46 +1,45 @@
 ---
 title: WeakCharger
-description: This section describes the WeakCharger settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the WeakCharger settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# WeakCharger (reference) 
+# WeakCharger (reference)
 
 
-Use WeakCharger settings to configure the charger notification UI. 
+Use WeakCharger settings to configure the charger notification UI.
 
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
-
+| --- | :---: | :---: | :---: | :---: |
 | [HideWeakChargerNotifyOptionUI](#hideweakchargernotifyoptionui) | ✅ | ✅ |  |   |
-| [NotifyOnWeakCharger](#notifyonweakcharger) | ✅ | ✅ |  |   | 
+| [NotifyOnWeakCharger](#notifyonweakcharger) | ✅ | ✅ |  |   |
 
 
-## HideWeakChargerNotifyOptionUI 
+## HideWeakChargerNotifyOptionUI
 
-This setting determines whether the user sees the dialog that's displayed when the user connects the device to an incompatible charging source. By default, the OS shows the weak charger notification option UI.  
+This setting determines whether the user sees the dialog that's displayed when the user connects the device to an incompatible charging source. By default, the OS shows the weak charger notification option UI.
 
-Select between **Show Weak Charger Notifications UI** and **Hide Weak Charger Notifications UI**. 
+Select between **Show Weak Charger Notifications UI** and **Hide Weak Charger Notifications UI**.
 
-## NotifyOnWeakCharger 
+## NotifyOnWeakCharger
 
-This setting shows a warning when the user connects the device to an incompatible charging source. This warning is intended to notify users that their device may take longer to charge. Or, it may not charge at all. 
+This setting shows a warning when the user connects the device to an incompatible charging source. This warning is intended to notify users that their device may take longer to charge. Or, it may not charge at all.
 
-An incompatible charging source is one that doesn't behave like one of the following port types: 
+An incompatible charging source is one that doesn't behave like one of the following port types:
 
 - Charging downstream port
-- Standard downstream port 
+- Standard downstream port
 
-- Dedicated charging port 
+- Dedicated charging port
 
-The port types are defined by the USB Battery Charging Specification, Revision 1.2, available at `USB.org`. 
+The port types are defined by the USB Battery Charging Specification, Revision 1.2, available at `USB.org`.
 
-Select between **Disable Weak Charger Notifications UI** and **Enable Weak Charger Notifications UI**. 
+Select between **Disable Weak Charger Notifications UI** and **Enable Weak Charger Notifications UI**.
 
diff --git a/windows/configuration/wcd/wcd-windowshelloforbusiness.md b/windows/configuration/wcd/wcd-windowshelloforbusiness.md
index cb670d506a..8a18577b6c 100644
--- a/windows/configuration/wcd/wcd-windowshelloforbusiness.md
+++ b/windows/configuration/wcd/wcd-windowshelloforbusiness.md
@@ -1,28 +1,27 @@
 ---
 title: WindowsHelloForBusiness
-description: This section describes the Windows Hello for Business settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the Windows Hello for Business settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
- 
+
 
 ms.date: 12/31/2017
---- 
+---
 
-# WindowsHelloForBusiness (Windows Configuration Designer reference) 
+# WindowsHelloForBusiness (Windows Configuration Designer reference)
 
 
-Use WindowsHelloForBusiness settings to specify whether [FIDO2 security keys for Windows Hello](https://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys/) can be used to sign in to a Windows device configured for [Shared PC mode](wcd-sharedpc.md). 
+Use WindowsHelloForBusiness settings to specify whether [FIDO2 security keys for Windows Hello](https://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys/) can be used to sign in to a Windows device configured for [Shared PC mode](wcd-sharedpc.md).
 
-## Applies to 
+## Applies to
 
 | Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
-| --- | :---: | :---: | :---: | :---: | 
+| --- | :---: | :---: | :---: | :---: |
+| [SecurityKeys](#securitykeys) | ✅ |  |  |  |
 
-| [SecurityKeys](#securitykeys) | ✅ |  |  |  | 
+## SecurityKeys
 
-## SecurityKeys 
-
-Select the value: 
+Select the value:
 
 - `0`: Security keys for Windows Hello are disabled.
 - `1`: Security keys for Windows Hello are enabled on [Shared PCs](wcd-sharedpc.md).
diff --git a/windows/configuration/wcd/wcd-wlan.md b/windows/configuration/wcd/wcd-wlan.md
index d24281bc8e..f8d6a8918b 100644
--- a/windows/configuration/wcd/wcd-wlan.md
+++ b/windows/configuration/wcd/wcd-wlan.md
@@ -1,21 +1,21 @@
 ---
 title: WLAN
-description: This section describes the WLAN settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. 
+description: This section describes the WLAN settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer.
 
 ms.topic: reference
 
 ms.date: 12/31/2017
---- 
+---
 
-# WLAN (reference) 
+# WLAN (reference)
 
 
-Do not use at this time. Instead, use [ConnectivityProfiles > WLAN](wcd-connectivityprofiles.md#wlan) 
+Do not use at this time. Instead, use [ConnectivityProfiles > WLAN](wcd-connectivityprofiles.md#wlan)
 
 
-## Applies to 
+## Applies to
 
 | Setting   | Windows client | Surface Hub | HoloLens | IoT Core |
 | --- | :---: | :---: | :---: | :---: |
-| All settings |  |  |  |   | 
+| All settings |  |  |  |   |