EnterpriseAssignedAccess configuration service provider
August 13, 2015
The EnterpriseAssignedAccess configuration service provider allows Information Technology (IT) administrators to configure settings, such as language and themes, lock down a device, and use Windows Embedded 8.1 Handheld features to configure custom layouts on a device. For example, the administrator can lock down a device so that only applications specified in an Allow list are available. Apps not on the Allow list remain installed on the device, but are hidden from view.
Important note |
---|
This CSP applies only to Windows Embedded 8.1 Handheld devices. |
The following image shows the EnterpriseAssignedAccess configuration service provider in tree format as used by both the Open Mobile Alliance (OMA) Device Management (DM) and OMA Client Provisioning.
The following list shows the characteristics and parameters.
.Vendor/MSFT/EnterpriseAssignedAccess/
The root node for the EnterpriseAssignedAccess configuration service provider. Supported operations: Add, Replace, and Get.AssignedAccess/
The parent node of assigned access XML.AssignedAccess/AssignedAccessXml
The XML code that controls the assigned access settings that will be applied to the device.Supported operations: Add, Replace, and Get.
The Apps and Settings sections of Prov.xml constitute an Allow list. Any app or setting that is not specified in AssignedAccessXML will not be available on the device to users. The following table describes the entries in Prov.xml.
Important note The formatting used in the examples in this table cannot be used in your actual provisioning file. The example is provided in this format for readability only. The provisioning file must use escaped characters for EnterpriseAssignedAcces, such as < instead of < because xml is embedded in xml. Do not replace the escaped characters in the provisioning file. See Create a Prov.xml for the correct formatting.
Entry
Description
ActionCenter
You can enable or disable the Action Center (formerly known as Notification Center) on the device. Set to true to enable the Action Center, or set to false to disable the Action Center.
Example:
<ActionCenter enabled="true"></ActionCenter>
StartScreenSize
Specify the size of the Start screen. Large sets the width to be big enough to hold six small tiles, or the equivalent. For example, six small tiles are about the same as one large tile and one medium tile. Small sets the width to 4, which is equivalent to the total width of four small tiles.
Example:
<StartScreenSize>Large</StartScreenSize>
Application
Provide the product ID for each app that will be available on the device.
To obtain the product ID for apps that you install from the Windows Phone Store, open a browser and navigate to the installation page for the app. In the URL, you will see the GUID for the app, as shown in the following illustration.
You can find the product ID for a locally developed app in the AppManifest.xml file of the app.
Include PinToStart to display an app on the Start screen. For apps pinned to the Start screen, identify a tile size (small, medium, or large), and a location. The size of a small tile is 1 column x 1 row, a medium tile is 2 x 2, and a large tile is 4 x 2.
For the tile location, the first value indicates the column and the second value indicates the row. A value of 0 indicates the first column, a value of 1 indicates the second column, and so on.
Include autoRun as an attribute to configure the application to run automatically.
Example:
<Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5601}" autoRun="true"> <PinToStart> <Size>Large</Size> <Location> <LocationX>0</LocationX> <LocationY>2</LocationY> </Location> </PinToStart> </Application>
AppInstall
Provide the installation type ("SDCard" or "Network"), product ID, application file path, and license file path to install an application during the OOBE provisioning. Applications can be installed during OOBE from an SD card or from a shared network location.
Example:
<characteristic type="AppInstall"> <characteristic type="SDCard"> <parm name="ProductID" value="{912627c8-174c-4a49-ac53-a2b8e4a5be37}"/> <parm name="AppXPath" value="Appx\ReliabilityAppxV1.appx"/> <parm name="LicensePath" value="Appx\ReliabilityAppxV1_license.xml"/> </characteristic> <characteristic type="Network"> <parm name="ProductID" value="{912627c8-174c-4a49-ac53-a2b8e4a5be37}"/> <parm name="AppXPath" value="\\SharedFolder\ReliabilityAppxV1.appx"/> <parm name="LicensePath" value="\\SharedFolder\ReliabilityAppxV1_license.xml"/> </characteristic> </characteristic>
The following example shows how to use an XAP package:
<characteristic type="AppInstall"> <characteristic type="SDCard"> <parm name="ProductID" value="{F8240AA8-B1C7-4a9c-8914-79BA6A466475}"/> <parm name="XAPPath" value="MEGSLTestGame.xap"/> <parm name="LicensePath" value="MEGSLTestGame_License.xml"/> </characteristic> </characteristic>
Settings
Provide the setting name that will be available on the device.
Example:
<Settings> <System name="Microsoft.Themes" /> <Application name="Microsoft.Search" /> </Settings>
Important noteIf the Microsoft.DateTime setting is not locked down, users can change the time on the device. This can cause scheduled maintenance and communication with the MDM server to occur at the wrong time.Buttons
The following list identifies the hardware buttons on the device that you can lock down in ButtonLockdownList. When a user taps a button that is in the lockdown list, nothing will happen.
Start
NoteLock down of the Start button only prevents the press and hold event.Back
Search
Camera
Custom1
Custom2
Custom3
NoteCustom buttons are hardware buttons that can be added to devices by OEMs.
Example:
<Buttons> <ButtonLockdownList> <!-- Lockdown all buttons --> <Button name="Search"> </Button> <Button name="Camera"> </Button> <Button name="Custom1"> </Button> <Button name="Custom2"> </Button> <Button name="Custom3"> </Button> </ButtonLockdownList>
The Search and custom buttons can be remapped or configured to open a specific application. Button remapping takes effect for the device and applies to all users.
NoteThe lockdown settings for a button, per user role, will apply regardless of the button mapping.CautionButton remapping can enable a user to open an application that is not in the Allow list. Use button lock down to prevent application access for a user role.To remap a button in Prov.xml, you supply the button name, the button event (typically "press"), and the product ID for the application the button will open.
Example:
<ButtonRemapList> <Button name="Search"> <ButtonEvent name="Press"> <!-- Alarms --> <Application productId="{08179793-ED2E-45EA-BA12-BDE3EE9C3CE3}" parameters="" /> </ButtonEvent> </Button> </ButtonRemapList>
Disabling navigation buttons
To disable navigation buttons (such as Home or Back) in prov.xml, you supply the name (for example, Start) and button event (typically "press").
The following section contains a sample WEHLockdown.xml file that shows how to disable navigation buttons.
Example:
<?xml version="1.0" encoding="utf-8"?> <HandheldLockdown version="1.0" > <Default> <ActionCenter enabled="false" /> <Apps> <!-- Settings --> <Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5601}"> <PinToStart> <Size>Large</Size> <Location> <LocationX>0</LocationX> <LocationY>0</LocationY> </Location> </PinToStart> </Application>
<!-- Phone Apps --> <Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5611}"> <PinToStart> <Size>Small</Size> <Location> <LocationX>2</LocationX> <LocationY>2</LocationY> </Location> </PinToStart> </Application> </Apps> <Buttons> <ButtonLockdownList> <Button name="Start"> <ButtonEvent name="Press" /> </Button> <Button name="Back"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Search"> <ButtonEvent name="All" /> </Button> <Button name="Camera"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom1"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom2"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom3"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> </ButtonLockdownList> <ButtonRemapList /> </Buttons> <MenuItems> <DisableMenuItems/> </MenuItems> <Settings> <System name="Microsoft.About" /> <System name="Microsoft.FlashAppSetting" /> <System name="Microsoft.CompanyAccount" /> <System name="Microsoft.WiFi" /> <Application name="Microsoft.Search" /> <Application name="Microsoft.IE" /> <Application name="Microsoft.Maps" /> <Application name="Microsoft.Messaging" /> <Application name="Microsoft.OfficeMobile" /> <Application name="Microsoft.Contacts" /> <Application name="Microsoft.Phone" /> </Settings> <Tiles> <EnableTileManipulation/> </Tiles> <StartScreenSize>Small</StartScreenSize> </Default>
</HandheldLockdown>
MenuItems
Use DisableMenuItems to prevent use of the context menu, which is displayed when a user presses and holds an application in the All Programs list. You can include this entry in the default profile and in any additional user role profiles that you create.
Example:
<MenuItems> <DisableMenuItems/> </MenuItems>
Important noteIf DisableMenuItems is not included in a profile, users of that profile can uninstall apps.Tiles
Turning-on tile manipulation
By default, under Assigned Access, tile manipulation is turned off (blocked) and only available if enabled in the user’s profile.
If tile manipulation is enabled in the user’s profile, they can pin/unpin, move, and resize tiles based on their preferences. When multiple people use one device and you want to enable tile manipulation for multiple users, you must enable it for each user in their user profile.
Important noteIf a device is turned off then back on, the tiles reset to their predefined layout. If a device has only one profile, the only way to reset the tiles is to turn off then turn on the device. If a device has multiple profiles, the device resets the tiles to the predefined layout based on the logged-in user’s profile.The following sample file contains code for enabling tile manipulation.
NoteTile manipulation is disabled when you don’t have a <Tiles> node in WEHLockdown.xml, or if you have a <Tiles> node but don’t have the <EnableTileManipulation/> node.Example:
<?xml version="1.0" encoding="utf-8"?> <HandheldLockdown version="1.0" > <Default> <ActionCenter enabled="false" /> <Apps> <!-- Settings --> <Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5601}"> <PinToStart> <Size>Large</Size> <Location> <LocationX>0</LocationX> <LocationY>0</LocationY> </Location> </PinToStart> </Application>
<!-- Phone Apps --> <Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5611}"> <PinToStart> <Size>Small</Size> <Location> <LocationX>2</LocationX> <LocationY>2</LocationY> </Location> </PinToStart> </Application> </Apps> <Buttons> <ButtonLockdownList> <Button name="Start"> <ButtonEvent name="Press" /> </Button> <Button name="Back"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Search"> <ButtonEvent name="All" /> </Button> <Button name="Camera"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom1"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom2"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> <Button name="Custom3"> <ButtonEvent name="Press" /> <ButtonEvent name="PressAndHold" /> </Button> </ButtonLockdownList> <ButtonRemapList /> </Buttons> <MenuItems> <DisableMenuItems/> </MenuItems> <Settings> <System name="Microsoft.About" /> <System name="Microsoft.FlashAppSetting" /> <System name="Microsoft.CompanyAccount" /> <System name="Microsoft.WiFi" /> <Application name="Microsoft.Search" /> <Application name="Microsoft.IE" /> <Application name="Microsoft.Maps" /> <Application name="Microsoft.Messaging" /> <Application name="Microsoft.OfficeMobile" /> <Application name="Microsoft.Contacts" /> <Application name="Microsoft.Phone" /> </Settings> <Tiles> <EnableTileManipulation/> </Tiles> <StartScreenSize>Small</StartScreenSize> </Default>
</HandheldLockdown>
CSP Runner
Allows CSPs to be executed on the device when there is no MDM provider. You can use this to implement role specific policies, such as changing the color scheme when an admin logs on the device, or to set configurations per role.
LockscreenWallpaper/
The parent node of the lock screen-related parameters that let adminstrators query and manage the lock screen image on devices. Supported operations: Add, Replace, and Get.LockscreenWallpaper/BGFileName
The file name of the lock screen. The image file for the lock screen can be in .jpg or .png format and must not exceed 2 MB. The file name can also be in the Universal Naming Convention (UNC) format, in which case the device downloads it from the shared network and then sets it as the lock screen wallpaper.Supported operations: Add, Replace, and Get.
Theme/
The parent node of theme-related parameters.Theme/ThemeBackground
Indicates whether the background color is light or dark. Set to 0 for light; set to 1 for dark.Theme/ThemeAccentColorID
The accent color to apply as the foreground color for tiles, controls, and other visual elements on the device. The following table shows the possible values.Value
Description
0
Lime
1
Green
2
Emerald
3
Teal (Viridian)
4
Cyan (Blue)
5
Cobalt
6
Indigo
7
Violet (Purple)
8
Pink
9
Magenta
10
Crimson
11
Red
12
Orange (Mango)
13
Amber
14
Yellow
15
Brown
16
Olive
17
Steel
18
Mauve
19
Sienna
101 through 104
Optional colors, as defined by the OEM
151
Custom accent color for Enterprise
For more information about accent colors, see Themes for Windows Phone.
Supported operations: Add, Replace, and Get.
Theme/ThemeAccentColorValue
A 6-character string for the accent color to apply to controls and other visual elements.To use a custom accent color for Enterprise, enter 151 for ThemeAccentColorID before ThemeAccentColorValue in Prov.xml. ThemeAccentColorValue configures the custom accent color using hex values for red, green, and blue, in RRGGBB format. For example, enter FF0000 for red.
PersistData
The parent node of whether to persist data that has been provisioned on the device.PersistData/PersistProvisionedData
Indicates whether to retain provisioned data when the user resets a device. Set to 0 if you do not want to persist provisioned data; set to 1 to persist it.
Note
PersistProvisionedData works with the RemoteWipe configuration service provider on Windows Phone OS. When executed, PersistProvisionedData backs up the persistent store folder so that the RemoteWipe configuration service provider can wipe the device. The information that was backed up is restored to the device when it resumes.
Clock/TimeZone/
An integer that specifies the time zone of the device. The following table shows the possible values.Value
Time zone
0
UTC-12 International Date Line West
100
UTC+13 Samoa
110
UTC-11 Coordinated Universal Time-11
200
UTC-10 Hawaii
300
UTC-09 Alaska
400
UTC-08 Pacific Time (US & Canada)
410
UTC-08 Baja California
500
UTC-07 Mountain Time (US & Canada)
510
UTC-07 Chihuahua, La Paz, Mazatlan
520
UTC-07 Arizona
600
UTC-06 Saskatchewan
610
UTC-06 Central America
620
UTC-06 Central Time (US & Canada)
630
UTC-06 Guadalajara, Mexico City, Monterrey
700
UTC-05 Eastern Time (US & Canada)
710
UTC-05 Bogota, Lima, Quito
720
UTC-05 Indiana (East)
800
UTC-04 Atlantic Time (Canada)
810
UTC-04 Cuiaba
820
UTC-04 Santiago
830
UTC-04 Georgetown, La Paz, Manaus, San Juan
840
UTC-04 Caracas
850
UTC-04 Asuncion
900
UTC-03:30 Newfoundland
910
UTC-03 Brasilia
920
UTC-03 Greenland
930
UTC-03 Montevideo
940
UTC-03 Cayenne, Fortaleza
950
UTC-03 Buenos Aires
960
UTC-03 Salvador
1000
UTC-02 Mid-Atlantic
1010
UTC-02 Coordinated Universal Time-02
1100
UTC-01 Azores
1110
UTC-01 Cape Verde Is.
1200
UTC Dublin, Edinburgh, Lisbon, London
1210
UTC Monrovia, Reykjavik
1220
UTC Casablanca
1230
UTC Coordinated Universal Time
1300
UTC+01 Belgrade, Bratislava, Budapest, Ljubljana, Prague
1310
UTC+01 Sarajevo, Skopje, Warsaw, Zagreb
1320
UTC+01 Brussels, Copenhagen, Madrid, Paris
1330
UTC+01 West Central Africa
1340
UTC+01 Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
1350
UTC+01 Windhoek
1360
UTC+01 Tripoli
1400
UTC+02 E. Europe
1410
UTC+02 Cairo
1420
UTC+02 Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius
1430
UTC+02 Athens, Bucharest
1440
UTC+02 Jerusalem
1450
UTC+02 Amman
1460
UTC+02 Beirut
1470
UTC+02 Harare, Pretoria
1480
UTC+02 Damascus
1490
UTC+02 Istanbul
1500
UTC+03 Kuwait, Riyadh
1510
UTC+03 Baghdad
1520
UTC+03 Nairobi
1530
UTC+03 Kaliningrad, Minsk
1540
UTC+04 Moscow, St. Petersburg, Volgograd
1550
UTC+03 Tehran
1600
UTC+04 Abu Dhabi, Muscat
1610
UTC+04 Baku
1620
UTC+04 Yerevan
1630
UTC+04 Kabul
1640
UTC+04 Tbilisi
1650
UTC+04 Port Louis
1700
UTC+06 Ekaterinburg
1710
UTC+05 Tashkent
1720
UTC+05 Chennai, Kolkata, Mumbai, New Delhi
1730
UTC+05 Sri Jayawardenepura
1740
UTC+05 Kathmandu
1750
UTC+05 Islamabad, Karachi
1800
UTC+06 Astana
1810
UTC+07 Novosibirsk
1820
UTC+06 Yangon (Rangoon)
1830
UTC+06 Dhaka
1900
UTC+08 Krasnoyarsk
1910
UTC+07 Bangkok, Hanoi, Jakarta
1900
UTC+08 Krasnoyarsk
2000
UTC+08 Beijing, Chongqing, Hong Kong, Urumqi
2010
UTC+09 Irkutsk
2020
UTC+08 Kuala Lumpur, Singapore
2030
UTC+08 Taipei
2040
UTC+08 Perth
2050
UTC+08 Ulaanbaatar
2100
UTC+09 Seoul
2110
UTC+09 Osaka, Sapporo, Tokyo
2120
UTC+10 Yakutsk
2130
UTC+09 Darwin
2140
UTC+09 Adelaide
2200
UTC+10 Canberra, Melbourne, Sydney
2210
UTC+10 Brisbane
2220
UTC+10 Hobart
2230
UTC+11 Vladivostok
2240
UTC+10 Guam, Port Moresby
2300
UTC+11 Solomon Is., New Caledonia
2310
UTC+12 Magadan
2400
UTC+12 Fiji
2410
UTC+12 Auckland, Wellington
2420
UTC+12 Petropavlovsk-Kamchatsky
2430
UTC+12 Coordinated Universal Time +12
2500
UTC+13 Nuku'alofa
Locale/Language/
The culture code that identifies the language to display on a device, and specifies the formatting of numbers, currencies, time, and dates. For language values, see Locale IDs Assigned by Microsoft.The language setting is configured in the Default User profile only.
OMA client provisioning examples
The XML examples in this section show how to perform various tasks by using OMA client provisioning.
Note
These examples are XML snippets and do not include all sections that are required for a complete Prov.xml file.
Assigned Access settings
The following example shows how to add a new policy.
<wap-provisioningdoc>
<characteristic type="EnterpriseAssignedAccess">
<characteristic type="AssignedAccess">
<parm name=" AssignedAccessXml" datatype="string"
value="<?xml version="1.0" encoding="utf-8"?><HandheldLockdown version="1.0"><Default><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5615}" pinToStart="1"/><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5612}" pinToStart="0"/></Apps><Settings><System name="Microsoft.Themes" /><System name="Microsoft.About" /></Settings><Buttons><ButtonLockdownList><Button name="Start"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button><Button name="Camera"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button><Button name="Search"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button></ButtonLockdownList><ButtonRemapList/></Buttons><MenuItems><DisableMenuItems/></MenuItems></Default><RoleList><Role guid="{76C01983-A872-4C4E-B4C6-321EAC709CEA}" name="Associate"><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5615}" pinToStart="1"/></Apps><Settings><System name="Microsoft.Themes" /><System name="Microsoft.About" /></Settings><Buttons><ButtonLockdownList><Button name="Start"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button><Button name="Camera"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button></ButtonLockdownList><ButtonRemapList/></Buttons><MenuItems><DisableMenuItems/></MenuItems></Role><Role guid="{8ABB8A10-4418-4467-9E18-99D11FA54E30}" name="Manager"><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5612}" pinToStart="1"/></Apps><Settings><System name="Microsoft.Themes" /></Settings><Buttons><ButtonLockdownList><Button name="Start"><ButtonEvent name="Press" /><ButtonEvent name="PressAndHold" /></Button></ButtonLockdownList><ButtonRemapList/></Buttons><MenuItems><DisableMenuItems/></MenuItems></Role></RoleList></HandheldLockdown>"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
Language
The following example shows how to specify the language to display on the device.
<wap-provisioningdoc>
<characteristic type="EnterpriseAssignedAccess">
<characteristic type="Language">
<parm name="Language" datatype="string"
<parm name="Language" value="1033" />
</characteristic>
</wap-provisioningdoc>
OMA DM examples
These XML examples show how to perform various tasks using OMA DM.
Assigned access settings
The following example shows how to lock down a device.
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Add>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/AssignedAccess/AssignedAccessXml</LocURI>
</Target>
<Data><?xml version="1.0" encoding="utf-8"?><HandheldLockdown version="1.0"><Default><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5615}" pinToStart="1"/><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5612}" pinToStart="2"/></Apps><Settings><System name="Microsoft.Themes" /><System name="Microsoft.About" /></Settings><Buttons><Button name="Start" disableEvents="PressAndHold" /><Button name="Camera" disableEvents="All" /><Button name="Search" disableEvents="All" /></Buttons><MenuItems><DisableMenuItems/></MenuItems></Default><RoleList><Role guid="{76C01983-A872-4C4E-B4C6-321EAC709CEA}" name="Associate"><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5615}" pinToStart="1"/></Apps><Settings><System name="Microsoft.Themes" /><System name="Microsoft.About" /></Settings><Buttons><Button name="Start" disableEvents="PressAndHold" /><Button name="Camera" disableEvents="All" /></Buttons><MenuItems><DisableMenuItems/></MenuItems></Role><Role guid="{8ABB8A10-4418-4467-9E18-99D11FA54E30}" name="Manager"><Apps><Application productId="{5B04B775-356B-4AA0-AAF8-6491FFEA5612}" pinToStart="1"/></Apps><Settings><System name="Microsoft.Themes" /></Settings><Buttons><Button name="Start" disableEvents="PressAndHold" /></Buttons><MenuItems><DisableMenuItems/></MenuItems></Role></RoleList></HandheldLockdown></Data>
</Item>
</Add>
<Final/>
</SyncBody>
</SyncML>
Theme
The following example shows how to change the accent color to one of the standard colors.
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>1</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorID</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<!-- zero based index of available theme colors -->
<Data>7</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
The following example shows how to change the theme.
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>1</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeBackground</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<!-- 0 for "light", 1 for "dark" -->
<Data>1</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
The following example shows how to set a custom theme accent color for the enterprise environment.
<SyncBody>
<Replace>
<CmdID>1</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorID</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<!—set to Enterprise custom -->
<Data>151</Data>
</Item>
</Replace>
<Replace>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorValue</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">chr</Format>
</Meta>
<!—sets custom accent color of red -->
<Data>FF0000</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
Lock screen
Use the examples in this section to set a new lock screen and manage the lock screen features. If using a UNC path, format the LocURI as \\host\share\image.jpg.
<Add>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName</LocURI>
<Meta>
<Format xmlns="syncml:metinf">chr</Format>
<Type xmlns="syncml:metinf">text/plain</Type>
</Meta>
<Data>c:\windows\system32\lockscreen\480x800\Wallpaper_015.jpg </Data>
</Target>
</Item>
</Add>
The following example shows how to query the device for the file being used as the lock screen.
<Get>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName</LocURI>
</Target>
</Item>
</Get>
The following example shows how to change the existing lock screen image to one of your choosing.
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">chr</Format>
<Type xmlns="syncml:metinf">text/plain</Type>
</Meta>
<Data>c:\windows\system32\lockscreen\480x800\Wallpaper_015.jpg</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
Persist provisioned data
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/PersistData/PersistProvisionedData </LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<Data>1</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
Time zone
The following example shows how to set the time zone to UTC-07 Mountain Time (US & Canada).
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Clock/TimeZone</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<Data>500</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
The following example shows how to set the time zone to Pacific Standard Time (UTC-08:00) without observing daylight savings time (UTC+01:00).
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Clock/TimeZone</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<Data>400 </Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
Language
The following example shows how to set the language.
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>1</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/EnterpriseAssignedAccess/Locale/Language</LocURI>
</Target>
<Meta>
<Format xmlns="syncml:metinf">int</Format>
</Meta>
<Data>1033</Data>
</Item>
</Replace>
<Final/>
</SyncBody>
</SyncML>
Schema for the AssignedAccessXML
This XSD can be used to validate that the XML in the <Data> block constitutes valid XML that can be provisioned successfully onto the device.
Role Lists
Button management for: Custom1, Custom2, Custom3
<xs:schema
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified">
<!-- COMPLEX TYPE: ROLE LIST TYPE -->
<xs:complexType name="role_list_t">
<xs:sequence minOccurs="1" maxOccurs="1">
<xs:element name="Role" type="role_t" minOccurs="1" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<!-- COMPLEX TYPE: START SCREEN SIZE TYPE -->
<xs:simpleType name="startscreen_size_t">
<xs:restriction base="xs:string">
<!-- Small: 4 columns-->
<xs:enumeration value="Small"/>
<!-- Large: 6 columns-->
<xs:enumeration value="Large"/>
</xs:restriction>
</xs:simpleType>
<!-- COMPLEX TYPE: APPLICATION LIST TYPE -->
<xs:complexType name="application_list_t">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="Application" type="application_t" minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
</xs:complexType>
<!-- COMPLEX TYPE: BUTTON LIST TYPE -->
<xs:complexType name="button_list_t">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="Button" minOccurs="0" maxOccurs="6" type="button_t"/>
</xs:sequence>
</xs:complexType>
<!-- COMPLEX TYPE: MENU ITEM LIST TYPE -->
<xs:complexType name="menu_item_list_t">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="DisableMenuItems" minOccurs="0" maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
<!-- COMPLEX TYPE: DEFAULT TYPE -->
<xs:complexType name="default_basic_t">
<xs:sequence minOccurs="1">
<xs:element name="ActionCenter" type="actioncenter_t" minOccurs="1"/>
<xs:element name="Apps" type="application_list_t" minOccurs="1">
<xs:unique name="duplicateAppsForbidden">
<xs:selector xpath="Application"/>
<xs:field xpath="@productId"/>
</xs:unique>
</xs:element>
<xs:element name="Buttons" minOccurs="1">
<xs:complexType>
<xs:all>
<xs:element name="ButtonLockdownList" type="button_list_t" minOccurs="0"/>
<xs:element name="ButtonRemapList" type="button_list_t" minOccurs="0"/>
</xs:all>
</xs:complexType>
</xs:element>
<xs:element name="CSPRunner" minOccurs="0"/>
<xs:element name="MenuItems" type="menu_item_list_t" minOccurs="1"/>
<xs:element name="Settings" minOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="System" type="setting_t" minOccurs="0" maxOccurs="unbounded" />
<xs:element name="Application" type="setting_t" minOccurs="0" maxOccurs="unbounded" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<!-- COMPLEX TYPE: ROLE TYPE -->
<xs:complexType name="role_t">
<xs:complexContent>
<xs:extension base="default_basic_t">
<xs:attribute name="guid" type="guid_t" use="required"/>
<xs:attribute name="name" type="xs:string" use="required"/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<!-- COMPLEX TYPE: DEFAULT ROLE TYPE -->
<xs:complexType name="default_role_t">
<xs:complexContent>
<xs:extension base="default_basic_t">
<xs:sequence minOccurs="1">
<xs:element name="StartScreenSize" type="startscreen_size_t" minOccurs="1"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<!-- COMPLEX TYPE: Action Center -->
<xs:complexType name="actioncenter_t">
<xs:attribute type="xs:boolean" name="enabled" use="required"/>
</xs:complexType>
<!-- COMPLEX TYPE: APPLICATION TYPE -->
<xs:complexType name="application_t">
<xs:all minOccurs="0">
<xs:element name="PinToStart" type="start_tile_t" />
</xs:all>
<xs:attribute name="productId" type="guid_t" use="required"/>
<xs:attribute name="parameters" type="xs:string" use="optional"/>
<xs:attribute name="autoRun" type="xs:boolean" use="optional"/>
</xs:complexType>
<!-- COMPLEX TYPE: START SCREEN TILE CONFIGURATION TYPE-->
<xs:complexType name="start_tile_t">
<xs:all minOccurs="1" maxOccurs="1">
<xs:element name="Size" type="tile_size_t" minOccurs="1" />
<xs:element name="Location" type="tile_location_t" minOccurs="1" />
</xs:all>
</xs:complexType>
<!-- COMPLEX TYPE: SETTING TYPE -->
<xs:complexType name="setting_t">
<xs:attribute name="name" type="xs:string" use="required"/>
</xs:complexType>
<!-- COMPLEX TYPE: BUTTON TYPE -->
<xs:complexType name="button_t">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="ButtonEvent" type="button_event_t" minOccurs="0" maxOccurs="2"/>
</xs:sequence>
<xs:attribute name="name" type="supported_button_t" use="required"/>
</xs:complexType>
<!-- COMPLEX TYPE: BUTTON EVENT TYPE -->
<xs:complexType name="button_event_t">
<xs:all minOccurs="0" maxOccurs="1">
<xs:element name="Application" type="application_t" minOccurs="0" maxOccurs="1" />
</xs:all>
<xs:attribute name="name" type="supported_button_event_t" use="required"/>
</xs:complexType>
<!--COMPLEX TYPE: START TILE TYPE-->
<xs:complexType name="tile_location_t">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="LocationX" type="xs:unsignedLong"/>
<xs:element name="LocationY" type="xs:unsignedLong"/>
</xs:sequence>
</xs:complexType>
<!-- SIMPLE TYPE: SUPPORTED BUTTON TYPE -->
<xs:simpleType name="supported_button_t">
<xs:restriction base="xs:string">
<xs:enumeration value="Start"/>
<xs:enumeration value="Search"/>
<xs:enumeration value="Camera"/>
<xs:enumeration value="Custom1"/>
<xs:enumeration value="Custom2"/>
<xs:enumeration value="Custom3"/>
</xs:restriction>
</xs:simpleType>
<!-- SIMPLE TYPE: SUPPORTED BUTTON EVENT TYPE -->
<xs:simpleType name="supported_button_event_t">
<xs:restriction base="xs:string">
<xs:enumeration value="All"/>
<xs:enumeration value="Press"/>
<xs:enumeration value="PressAndHold"/>
</xs:restriction>
</xs:simpleType>
<!-- SIMPLE TYPE: GUID -->
<xs:simpleType name="guid_t">
<xs:restriction base="xs:string">
<xs:pattern value="\{[0-9a-fA-F]{8}\-([0-9a-fA-F]{4}\-){3}[0-9a-fA-F]{12}\}"/>
</xs:restriction>
</xs:simpleType>
<!--SIMPLE TYPE: TILE SIZE-->
<xs:simpleType name="tile_size_t">
<xs:restriction base="xs:string">
<xs:enumeration value="Small"/>
<xs:enumeration value="Medium"/>
<xs:enumeration value="Large"/>
</xs:restriction>
</xs:simpleType>
<!-- SCHEMA -->
<xs:element name="HandheldLockdown">
<xs:complexType>
<xs:all minOccurs="1">
<xs:element name="Default" type="default_role_t"/>
<xs:element name="RoleList" type="role_list_t" minOccurs="0">
<xs:unique name="duplicateRolesForbidden">
<xs:selector xpath="Role"/>
<xs:field xpath="@guid"/>
</xs:unique>
</xs:element>
</xs:all>
<xs:attribute name="version" use="required" type="xs:decimal"/>
</xs:complexType>
</xs:element>
</xs:schema>