From 93cddd6298ba17a98081154f5a85f4fe2ff8faff Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 21 Jul 2023 12:15:36 -0400
Subject: [PATCH] Changes for CloudDesktop CSP
---
.openpublishing.redirection.json | 7 +-
.../client-management/mdm/clouddesktop-csp.md | 148 ++++++++++++++++++
.../mdm/clouddesktop-ddf-file.md | 95 +++++++++++
.../mdm/policy-csp-cloudpc.md | 80 ----------
windows/client-management/mdm/toc.yml | 7 +-
5 files changed, 254 insertions(+), 83 deletions(-)
create mode 100644 windows/client-management/mdm/clouddesktop-csp.md
create mode 100644 windows/client-management/mdm/clouddesktop-ddf-file.md
delete mode 100644 windows/client-management/mdm/policy-csp-cloudpc.md
diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 5ec8592f63..ab4337caab 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20785,6 +20785,11 @@
"redirect_url": "/windows/client-management/mdm/enterprisemodernappmanagement-csp#enterprisemodernappmanagement-xsd",
"redirect_document_id": false
},
+ {
+ "source_path": "windows/client-management/mdm/policy-csp-cloudpc.md",
+ "redirect_url": "/windows/client-management/mdm/clouddesktop-csp",
+ "redirect_document_id": false
+ },
{
"source_path": "education/windows/education-scenarios-store-for-business.md",
"redirect_url": "/windows/resources",
@@ -21934,7 +21939,7 @@
"source_path": "windows/deployment/update/update-compliance-schema-wudostatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
"redirect_document_id": false
- },
+ },
{
"source_path": "windows/deployment/update/update-compliance-schema-wudoaggregatedstatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md
new file mode 100644
index 0000000000..ff2a3b57e6
--- /dev/null
+++ b/windows/client-management/mdm/clouddesktop-csp.md
@@ -0,0 +1,148 @@
+---
+title: CloudDesktop CSP
+description: Learn more about the CloudDesktop CSP.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 07/21/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+
+# CloudDesktop CSP
+
+[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
+
+
+
+
+
+
+The following list shows the CloudDesktop configuration service provider nodes:
+
+- ./Device/Vendor/MSFT/CloudDesktop
+ - [EnableBootToCloudSharedPCMode](#enableboottocloudsharedpcmode)
+
+
+
+## EnableBootToCloudSharedPCMode
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
❌ Windows SE | ✅ Windows Insider Preview [10.0.22631.2050] |
+
+
+
+```Device
+./Device/Vendor/MSFT/CloudDesktop/EnableBootToCloudSharedPCMode
+```
+
+
+
+
+Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `bool` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value | false |
+
+
+
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| false (Default) | Not configured. |
+| true | Boot to cloud Shared PC mode enabled. |
+
+
+
+
+
+
+
+
+
+
+## EnableBootToCloudSharedPCMode technical reference
+
+EnableBootToCloudSharedPCMode setting is used to configure **Boot to Cloud** feature for shared user mode. When you enable this setting, multiple policies are applied to achieve the intended behavior.
+
+> [!NOTE]
+> It is recommended not to set any of the policies enforced by this setting to different values, as these policies help provide a smooth UX experience for the **Boot to Cloud** feature for shared user mode.
+
+## MDM Policies
+
+When enabling this mode, these MDM policies are applied for the Device scope (all users):
+
+| Setting | Value | Value Description |
+|----------------------------------------------------------------------------------------------------------------------------|---------|-------------------------------------------------------------|
+| [WindowsLogon/OverrideShellProgram](policy-csp-windowslogon.md#overrideshellprogram) | 1 | Apply Lightweight Shell |
+| [ADMX_CredentialProviders/DefaultCredentialProvider](policy-csp-admx-credentialproviders.md#defaultcredentialprovider) | Enabled | Configures default credential provider to password provider |
+| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Do not process the computer legacy run list |
+| [TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode](policy-csp-textinput.md#enabletouchkeyboardautoinvokeindesktopmode) | 1 | When no keyboard is attached |
+
+## Group Policies
+
+When enabling this mode, these local group policies are configured for all users:
+
+| Policy setting | Status |
+|------------------------------------------------------------------------------------------------------------------------|---------------------------------------|
+| Security Settings/Local Policies/Security Options/User Account Control: Behavior of elevation prompt for standard user | Automatically deny elevation requests |
+| Security Settings/Local Policies/Security Options/Interactive logon: Don't display last signed-in | Enabled |
+| Control Panel/Personalization/Prevent enabling lock screen slide show | Enabled |
+| System/Logon/Block user from showing account details on sign-in | Enabled |
+| System/Logon/Enumerate local users on domain-joined computers | Disabled |
+| System/Logon/Hide entry points for Fast User Switching | Enabled |
+| System/Logon/Show first sign-in animation | Disabled |
+| System/Logon/Turn off app notifications on the lock screen | Enabled |
+| System/Logon/Turn off picture password sign-in | Enabled |
+| System/Logon/Turn on convenience PIN sign-in | Disabled |
+| Windows Components/App Package Deployment/Allow a Windows app to share application data between users | Enabled |
+| Windows Components/Biometrics/Allow the use of biometrics | Disabled |
+| Windows Components/Biometrics/Allow users to log on using biometrics | Disabled |
+| Windows Components/Biometrics/Allow domain users to log on using biometrics | Disabled |
+| Windows Components/File Explorer/Show lock in the user tile menu | Disabled |
+| Windows Components/File History/Turn off File History | Enabled |
+| Windows Components/OneDrive/Prevent the usage of OneDrive for file storage | Enabled |
+| Windows Components/Windows Hello for Business/Use biometrics | Disabled |
+| Windows Components/Windows Hello for Business/Use Windows Hello for Business | Disabled |
+| Windows Components/Windows Logon Options/Sign-in and lock last interactive user automatically after a restart | Disabled |
+| Windows Components/Microsoft Passport for Work | Disabled |
+| System/Ctrl+Alt+Del Options/Remove Task Manager | Enabled |
+| System/Ctrl+Alt+Del Options/Remove Change Password | Enabled |
+| Start Menu and Taskbar/Notifications/Turn off toast notifications | Enabled |
+| Start Menu and Taskbar/Notifications/Remove Notifications and Action Center | Enabled |
+| System/Logon/Do not process the legacy run list | Enabled |
+
+## Registry
+
+When enabling this mode, these registry changes made:
+
+| Registry setting | Status |
+|----------------------------------------------------------------------------------------------|--------|
+| Software\Policies\Microsoft\PassportForWork\Remote\Enabled (Phone sign-in/Use phone sign-in) | 0 |
+| Software\Policies\Microsoft\PassportForWork\Enabled (Use Microsoft Passport for Work) | 0 |
+
+
+
+
+## Related articles
+
+[Configuration service provider reference](configuration-service-provider-reference.md)
diff --git a/windows/client-management/mdm/clouddesktop-ddf-file.md b/windows/client-management/mdm/clouddesktop-ddf-file.md
new file mode 100644
index 0000000000..566e93bccc
--- /dev/null
+++ b/windows/client-management/mdm/clouddesktop-ddf-file.md
@@ -0,0 +1,95 @@
+---
+title: CloudDesktop DDF file
+description: View the XML file containing the device description framework (DDF) for the CloudDesktop configuration service provider.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 07/21/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+# CloudDesktop DDF file
+
+The following XML file contains the device description framework (DDF) for the CloudDesktop configuration service provider.
+
+```xml
+
+]>
+
+ 1.2
+
+
+
+ CloudDesktop
+ ./Device/Vendor/MSFT
+
+
+
+
+ The CloudDesktop configuration service provider is used to configure various Cloud PC related scenarios.
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 22631.2050
+ 1.0
+ 0x4;0x30;0x31;0x7E;0x87;0x88;0x88*;0xA1;0xA2;0xA4;0xA5;0xB4;0xBC;0xBD;0xBF;
+
+
+
+ EnableBootToCloudSharedPCMode
+
+
+
+
+
+
+
+ false
+ Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+
+
+
+
+
+
+
+
+
+ Enable boot to cloud shared PC mode
+
+
+
+
+
+ false
+ Not configured
+
+
+ true
+ Boot to cloud Shared PC mode enabled
+
+
+
+
+
+
+```
+
+## Related articles
+
+[CloudDesktop configuration service provider reference](clouddesktop-csp.md)
diff --git a/windows/client-management/mdm/policy-csp-cloudpc.md b/windows/client-management/mdm/policy-csp-cloudpc.md
deleted file mode 100644
index dd52780e9a..0000000000
--- a/windows/client-management/mdm/policy-csp-cloudpc.md
+++ /dev/null
@@ -1,80 +0,0 @@
----
-title: CloudPC Policy CSP
-description: Learn more about the CloudPC Area in Policy CSP
-author: vinaypamnani-msft
-manager: aaroncz
-ms.author: vinpa
-ms.date: 12/27/2022
-ms.localizationpriority: medium
-ms.prod: windows-client
-ms.technology: itpro-manage
-ms.topic: reference
----
-
-
-
-
-# Policy CSP - CloudPC
-
-
-
-
-
-
-## CloudPCConfiguration
-
-
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| :heavy_check_mark: Device
:x: User | :x: Home
:heavy_check_mark: Pro
:heavy_check_mark: Enterprise
:heavy_check_mark: Education
:heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
-
-
-
-```Device
-./Device/Vendor/MSFT/Policy/Config/CloudPC/CloudPCConfiguration
-```
-
-
-
-
-This policy is used by IT admin to set the configuration mode of cloud PC.
-
-
-
-
-
-
-
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | int |
-| Access Type | Add, Delete, Get, Replace |
-| Default Value | 0 |
-
-
-
-**Allowed values**:
-
-| Value | Description |
-|:--|:--|
-| 0 (Default) | Fast Switching Configuration. |
-| 1 | Boot to cloud PC Configuration. |
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related articles
-
-[Policy configuration service provider](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 337d5633e1..a909cac63a 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -384,8 +384,6 @@ items:
href: policy-csp-cellular.md
- name: CloudDesktop
href: policy-csp-clouddesktop.md
- - name: CloudPC
- href: policy-csp-cloudpc.md
- name: Connectivity
href: policy-csp-connectivity.md
- name: ControlPolicyConflict
@@ -631,6 +629,11 @@ items:
items:
- name: ClientCertificateInstall DDF file
href: clientcertificateinstall-ddf-file.md
+ - name: CloudDesktop
+ href: clouddesktop-csp.md
+ items:
+ - name: CloudDesktop DDF file
+ href: clouddesktop-ddf-file.md
- name: CM_CellularEntries
href: cm-cellularentries-csp.md
- name: CMPolicy