Update Assigned Access XSD for Windows 11, version 22H2 and Windows 11, version 21H2 additions. Remove deprecated Shell Launcher configuration file. Update TOC.yml with new links.

2025-06-15 10:23:37 +00:00 · 2024-02-16 08:05:02 +01:00
parent 338987a825
commit 9f19734d06
6 changed files with 46 additions and 144 deletions
--- a/windows/configuration/kiosk/_kiosk-single-app.md
+++ b/windows/configuration/kiosk/_kiosk-single-app.md
--- a/windows/configuration/kiosk/_setup-digital-signage.md
+++ b/windows/configuration/kiosk/_setup-digital-signage.md
--- a/windows/configuration/kiosk/assigned-access-xsd.md
+++ b/windows/configuration/kiosk/assigned-access-xsd.md
@ -210,7 +210,7 @@ The following is the XSD for Assigned Access in Windows 11:
 </xs:schema>
 ```

-## Windows 11 additions
+## Windows 11, version 22H2 additions

 The following is the XSD for Assigned Access features added in Windows 11:

@ -230,7 +230,7 @@ The following is the XSD for Assigned Access features added in Windows 11:
 </xs:schema>
 ```

-## Windows 10, version 21H2 additions
+## Windows 11, version 21H2 additions

 The following is the XSD for Assigned Access features added in Windows 10, version 21H2:

--- a/windows/configuration/kiosk/create-shell-launcher-configuration.md
+++ b/windows/configuration/kiosk/create-shell-launcher-configuration.md
@ -1,135 +0,0 @@
---
-title: Create an Shell Launcher configuration file
-description: Learn how to create an XML file to configure a device with Shell Launcher.
-ms.date: 02/12/2024
-ms.topic: how-to
---
-
-# Create an Shell Launcher configuration file
-
-## Full XML example
-
-
-```xml
-<?xml version="1.0" encoding="utf-8"?>
-<ShellLauncherConfiguration
-xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration"
-xmlns:rs5="http://schemas.microsoft.com/ShellLauncher/2019/Configuration">
-    <Profiles>
-        <DefaultProfile>
-            <Shell Shell="%SystemRoot%\explorer.exe"/>
-        </DefaultProfile>
-        <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}">
-            <Shell Shell="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe --kiosk https://maps.heathrow.com --edge-kiosk-type=fullscreen --kiosk-idle-timeout-minutes=2" rs5:AppType="Desktop" rs5:AllAppsFullScreen="true">
-                <ReturnCodeActions>
-                    <ReturnCodeAction ReturnCode="0" Action="RestartShell"/>
-                    <ReturnCodeAction ReturnCode="-1" Action="RestartDevice"/>
-                    <ReturnCodeAction ReturnCode="255" Action="ShutdownDevice"/>
-                </ReturnCodeActions>
-                <DefaultAction Action="RestartShell"/>
-            </Shell>
-        </Profile>
-    </Profiles>
-    <Configs>
-        <Config>
-            <AutoLogonAccount/>
-            <Profile Id="{EDB3036B-780D-487D-A375-69369D8A8F78}"/>
-        </Config>
-    </Configs>
-</ShellLauncherConfiguration>
-```
-
-:::row:::
-    :::column span="1":::
-    **Scenario**
-    :::column-end:::
-    :::column span="3":::
-    **Sample Xml**
-    :::column-end:::
-:::row-end:::
-:::row:::
-    :::column span="1":::
-    **Block everything**
-    :::column-end:::
-    :::column span="3":::
-    Either don't use the node or leave it empty
-
-    ```xml
-    <rs5:FileExplorerNamespaceRestrictions>
-    </rs5:FileExplorerNamespaceRestrictions>
-    ```
-    :::column-end:::
-:::row-end:::
-:::row:::
-    :::column span="1":::
-    **Only allow downloads**
-    :::column-end:::
-    :::column span="3":::
-    ```xml
-    <rs5:FileExplorerNamespaceRestrictions>
-        <rs5:AllowedNamespace Name="Downloads"/>
-    </rs5:FileExplorerNamespaceRestrictions>
-    ```
-    :::column-end:::
-:::row-end:::
-
-:::row:::
-    :::column span="1":::
-    **Only allow removable drives**
-    :::column-end:::
-    :::column span="3":::
-    ```xml
-    <rs5:FileExplorerNamespaceRestrictions>
-        <v3:AllowRemovableDrives />
-    </rs5:FileExplorerNamespaceRestrictions>
-    ```
-    :::column-end:::
-:::row-end:::
-
-:::row:::
-    :::column span="1":::
-    **Allow both Downloads, and removable drives**
-    :::column-end:::
-    :::column span="3":::
-    ```xml
-    <rs5:FileExplorerNamespaceRestrictions>
-        <rs5:AllowedNamespace Name="Downloads"/>
-        <v3:AllowRemovableDrives/>
-    </rs5:FileExplorerNamespaceRestrictions>
-    ```
-    :::column-end:::
-:::row-end:::
-
-:::row:::
-    :::column span="1":::
-    **No restrictions, all locations are allowed**
-    :::column-end:::
-    :::column span="3":::
-    ```xml
-    <rs5:FileExplorerNamespaceRestrictions>
-        <v3:NoRestriction />
-    </rs5:FileExplorerNamespaceRestrictions>
-    ```
-    :::column-end:::
-:::row-end:::
-
-<!--troubleshooting
-Event Viewer
-Run "eventvwr.msc"
-Navigate to "Applications and Services Logs"
-There are 2 areas of your interests:
-"Microsoft-Windows-AssignedAccess"
-"Microsoft-Windows-AssignedAccessBroker"
-Before any repro, it's recommended to enable "Operational" channel to get the most of logs.
-TraceLogging
-<TBD>
-
-Registry Key
-These locations contain the latest Assigned Access Configuration:
-
-HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration
-HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessCsp
-These locations contain the latest "evaluated" configuration for each sign-in user:
-
-"HKCU\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration" (If it doesn't exist, it means no Assigned Access to be enforced for this user.)
-->
--- a/windows/configuration/kiosk/shell-launcher-examples.md
+++ b/windows/configuration/kiosk/shell-launcher-examples.md
@ -0,0 +1,39 @@
+---
+title: Create an Shell Launcher configuration file
+description: Learn how to create an XML file to configure a device with Shell Launcher.
+ms.date: 02/12/2024
+ms.topic: how-to
+---
+
+# Shell Launcher configuration XML examples
+
+This article provides practical examples of Shell Launcher XML configuration files.
+
+For more details, review the Shell Launcher XSD reference article.
+
+## Kiosk example
+
+[!INCLUDE [shell-launcher-quickstart-xml](includes/shell-launcher-quickstart-xml.md)]
+
+
+
+<!--troubleshooting
+Event Viewer
+Run "eventvwr.msc"
+Navigate to "Applications and Services Logs"
+There are 2 areas of your interests:
+"Microsoft-Windows-AssignedAccess"
+"Microsoft-Windows-AssignedAccessBroker"
+Before any repro, it's recommended to enable "Operational" channel to get the most of logs.
+TraceLogging
+<TBD>
+
+Registry Key
+These locations contain the latest Assigned Access Configuration:
+
+HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration
+HKLM\SOFTWARE\Microsoft\Windows\AssignedAccessCsp
+These locations contain the latest "evaluated" configuration for each sign-in user:
+
+"HKCU\SOFTWARE\Microsoft\Windows\AssignedAccessConfiguration" (If it doesn't exist, it means no Assigned Access to be enforced for this user.)
+-->
--- a/windows/configuration/kiosk/toc.yml
+++ b/windows/configuration/kiosk/toc.yml
@ -15,12 +15,6 @@ items:
      href: kiosk-prepare.md
    - name: Guidelines for choosing an app for assigned access
      href: guidelines-for-assigned-access-app.md
- name: Deployment guides
-  items:
-  - name: Configure digital signs
-    href: setup-digital-signage.md
-  - name: Configure a kiosk
-    href: kiosk-single-app.md
 - name: How-to guides
  items:
    - name: Create an Assigned Access configuration file
@ -54,4 +48,8 @@ items:
    - name: _lock-down-windows-10-to-specific-apps
      href: _lock-down-windows-10-to-specific-apps.md
    - name: _lock-down-windows-11-to-specific-apps
-      href: _lock-down-windows-11-to-specific-apps.md
+      href: _lock-down-windows-11-to-specific-apps.md
+    - name: _setup-digital-signage
+      href: _setup-digital-signage.md
+    - name: _kiosk-single-app
+      href: _kiosk-single-app.md