Merge pull request #335 from Microsoft/develop

Update code manifests

Drivers/WaveshareFilterKmdf/WaveshareFilterKmdf/README.md

@@ -2,6 +2,12 @@
 title: Waveshare KMDF Filter Driver
 ms.author: christopher.co
 description: Filter driver which enables the Waveshare touchscreen on IoT Core.
+topic: sample
+urlFragment: virtual-pwm
+languages:
+    - csharp
+products:
+    - windows
 ---
 
 # “Waveshare KMDF Filter Driver”

Samples/ShellLauncherV2/README.md

@@ -16,7 +16,8 @@ Shell Launcher V2 allows user to configure an UWP app (using AUMID) or Win32 app
 *	[Second UWP App](./ShellLauncherV2/AnotherUwpApp/README.md)
 *	[Win32 Primary App](./ShellLauncherV2/ShellLauncherV2DemoWin32/README.md)
 *	[Installer for Win32 Primary App](./ShellLauncherV2/ShellLauncherV2DemoWin32Installer/README.md)
-*	[Sample Shell Launcher Configuration files](./ShellLauncherV2/SampleConfigXmls/README.md)
+*	[Sample Shell Launcher Configuration files](./SampleConfigXmls/README.md)
+*   [Sample bridge WMI powershell scripts](./SampleBridgeWmiScripts/README.md)
 
 ## Additional resources
 * [ShellLauncher general info](https://docs.microsoft.com/en-us/windows-hardware/customize/enterprise/shell-launcher)

Samples/ShellLauncherV2/SampleBridgeWmiScripts/README.md

@@ -0,0 +1,38 @@
+--- 
+topic: sample
+urlFragment: SampleBridgeWmiScripts
+languages:
+-xml
+products:
+-windows
+description: sample powershell scripts to call bridge WMI Shell Launcher node
+---
+
+# Shell Launcher V2 Bridge WMI Sample scripts
+
+[ShellLauncherBridgeWmiHelpers.ps1](./ShellLauncherBridgeWmiHelpers.ps1) provides below functions
+1. Set-ShellLauncherBridgeWmi, it takes a parameter FilePath to a raw config xml (not the escaped one) and configure Shell Launcher through bridge WMI 
+2. Clear-ShellLauncherBridgeWmi, it clears shell launcher configuration using bridge WMI
+3. Get-ShellLauncherBridgeWmi, it prints out the current shell launcher config xml if configured
+
+To use the scripts,
+1. Save the scripts file to your PC
+2. Download SysInternals tools, run "psexec.exe -i -s powershell.exe" from elevated command prompt
+3. In the powershell launched by psexec.exe, first import the scripts, notice the . command when importing the ps1 file
+```
+PS C:\Users\test> . .\ShellLauncherBridgeWmiHelpers.ps1
+```
+4. After importing, run the command Set-ShellLauncherBridgeWMI with FilePath pointing to a shell launcher config xml
+```
+PS C:\Users\test> Set-ShellLauncherBridgeWmi -FilePath .\ShellLauncher.xml
+```
+5. To clean up ShellLauncher using bridge WMI, run the other command Clear-ShellLauncherBridgeWMI
+
+```
+PS C:\Users\test> Clear-ShellLauncherBridgeWmi
+```
+6. To print current config xml, run the other command Get-ShellLauncherBridgeWMI
+
+```
+PS C:\Users\test> Get-ShellLauncherBridgeWmi
+```

Samples/ShellLauncherV2/SampleBridgeWmiScripts/ShellLauncherBridgeWmiHelpers.ps1

@@ -0,0 +1,33 @@
+$NameSpace = "root\cimv2\mdm\dmmap"
+$Class = "MDM_AssignedAccess"
+
+function Get-AssignedAccessCspBridgeWmi
+{
+    return Get-CimInstance -Namespace $NameSpace -ClassName $Class
+}
+
+function Set-ShellLauncherBridgeWMI
+{
+    param([Parameter(Mandatory=$True)][String] $FilePath)
+
+    $Xml = Get-Content -Path $FilePath
+    $EscapedXml = [System.Security.SecurityElement]::Escape($Xml)
+    $AssignedAccessCsp = Get-AssignedAccessCspBridgeWmi
+    $AssignedAccessCsp.ShellLauncher = $EscapedXml
+    Set-CimInstance -CimInstance $AssignedAccessCsp
+
+    # get a new instance and print the value
+    (Get-AssignedAccessCspBridgeWmi).ShellLauncher
+}
+
+function Clear-ShellLauncherBridgeWMI
+{
+    $AssignedAccessCsp = Get-AssignedAccessCspBridgeWmi
+    $AssignedAccessCsp.ShellLauncher = $NULL
+    Set-CimInstance -CimInstance $AssignedAccessCsp
+}
+
+function Get-ShellLauncherBridgeWMI
+{
+    (Get-AssignedAccessCspBridgeWmi).ShellLauncher
+}

Samples/ShellLauncherV2/SampleConfigXmls/README.md

@@ -0,0 +1,51 @@
+--- 
+topic: sample
+urlFragment: SampleConfigXmls
+languages:
+-xml
+products:
+-windows
+description: sample shell launcher configuration xmls using Assigned Access CSP
+---
+
+# Shell Launcher V2 configuration xml samples
+
+See more information at [ShellLauncher node on Assigned Access CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/assignedaccess-csp)
+
+* [ShellLauncherAutoLogonUwp.xml](./ShellLauncherAutoLogonUwp.xml), this sample shows how to create an auto-logon account using Shell Launcher V2, and assign an UWP app for this account as shell
+* [ShellLauncherAzureADMultiUser.xml](./ShellLauncherAzureADMultiUser.xml), this sample shows how to configure multiple AzureAD accounts to different shell
+* [ShellLauncherDefaultOnlyUwp.xml](./ShellLauncherDefaultOnlyUwp.xml), this sample shows how to configure only one default profile for everyone, with empty Configs. Everyone would log into the same UWP Shell app
+* [ShellLauncherSid.xml](./ShellLauncherSid.xml), this sample shows how to configure a SID for Shell Launcher. The SID can be either user sid, or local group sid, or AD group sid
+* [ShellLauncherConfiguration_Demo.syncml](./ShellLauncherConfiguration_Demo.syncml), this sample shows what the SyncML file would look like, when using ShellLauncherV2 and Assigned Access CSP. This is the payload when MDM server sends the configuration to client.
+
+## Xml Namespace
+
+In order to invoke Shell Launcher V2, instead of legacy Shell Launcher (which uses eshell.exe), you must specify the v2 namespace http://schemas.microsoft.com/ShellLauncher/2019/Configuration in the xml. 
+
+* When you want to use an UWP app as shell, use the v2 attribute AppType (v2:AppType="UWP")
+* The V2 namespace also provides a new switch to force all windows full screen, V2:AllAppsFullScreen="true"
+
+For the complete XSD, please refer to the CSP link above
+
+## How to get group sid
+
+To get local group sid, replace Guests to the group you need
+```
+PS C:\Users\test> $group = Get-LocalGroup -Name Guests
+PS C:\Users\test> $group.SID
+
+BinaryLength AccountDomainSid Value
+------------ ---------------- -----
+          16                  S-1-5-32-546
+```
+
+To get AD group sid, replace MyADGroup to the group you need, take the Value part
+```
+PS C:\Users\test> $AdGroup = New-Object System.Security.Principal.NTAccount("MyADGroup")
+PS C:\Users\test> $AdGroupSid = $AdGroup.Translate([System.Security.Principal.SecurityIdentifier])
+PS C:\Users\test> $AdGroupSid
+
+BinaryLength AccountDomainSid                          Value
+------------ ----------------                          -----
+          28 S-1-5-21-2127521184-1604012920-1887927527 S-1-5-21-2127521184-1604012920-1887927527-32599559
+```

Samples/ShellLauncherV2/SampleConfigXmls/ShellLauncherSid.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ShellLauncherConfiguration xmlns="http://schemas.microsoft.com/ShellLauncher/2018/Configuration"
+xmlns:v2="http://schemas.microsoft.com/ShellLauncher/2019/Configuration">
+    <Profiles>
+        <DefaultProfile>
+            <Shell Shell="%systemroot%\explorer.exe">
+                <DefaultAction Action="RestartShell"/>
+            </Shell>
+        </DefaultProfile>
+        <Profile Id="{814B6409-8C51-4EE2-95F8-DB39B70F5F68}">
+            <Shell Shell="C:\windows\system32\mspaint.exe" v2:AllAppsFullScreen="true">
+                <DefaultAction Action="RestartShell"/>
+            </Shell>
+        </Profile>
+    </Profiles>
+    <Configs>
+        <Config>
+            <!-- Sid can be user sid, local group sid, and AD group sid -->
+            <Account Sid="S-1-5-21-1280375592-1312616770-1055953906-1002"/>
+            <Profile Id="{814B6409-8C51-4EE2-95F8-DB39B70F5F68}"/>
+        </Config>
+    </Configs>
+</ShellLauncherConfiguration>