- updated headers on hybrid deployments

windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md

@@ -17,6 +17,7 @@ ms.date: 08/19/2018
 - Windows 10
 - Azure Active Directory joined
 - Hybrid Deployment
+- Certificate trust
 
 If you plan to use certificates for on-premises single-sign on, then follow these **addtional** steps to configure the environment to enroll a Windows Hello for Business certificates for Azure AD joined devices.
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Windows Hello for Business Certificate Trust New Installation
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 Windows Hello for Business involves configuring distributed technologies that may or may not exist in your current infrastructure.  Hybrid certificate trust deployments of Windows Hello for Business rely on these technologies
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md

@@ -14,9 +14,10 @@ ms.date: 08/18/2018
 # Configure Device Registration for Hybrid Windows Hello for Business
 
 **Applies to**
--  Windows 10
+-  Windows 10, version 1703 or later
+-  Hybrid deployment
+-  Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
  
 You're environment is federated and you are ready to configure device registration for your hybrid environment. Hybrid Windows Hello for Business deployment needs device registration and device write-back to enable proper device authentication.  
   

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md

@@ -14,11 +14,11 @@ ms.date: 08/19/2018
 # Hybrid Windows Hello for Business Prerequisites
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
-
 Hybrid environments are distributed systems that enable organizations to use on-premises and Azure-based identities and resources. Windows Hello for Business uses the existing distributed system as a foundation on which organizations can provide two-factor authentication that provides a single sign-in like experience to modern resources.
 
 The distributed systems on which these technologies were built involved several pieces of on-premises and cloud infrastructure.  High-level pieces of the infrastructure include:

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md

@@ -14,9 +14,9 @@ ms.date: 09/08/2017
 # Hybrid Azure AD joined Certificate Trust Deployment
 
 **Applies to**
--   Windows 10
-
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
  
 Windows Hello for Business replaces username and password sign-in to Windows with strong user authentication based on asymmetric key pair. The following deployment guide provides the information needed to successfully deploy Windows Hello for Business in a hybrid certificate trust scenario.

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md

@@ -14,11 +14,11 @@ ms.date: 08/19/2018
 # Hybrid Windows Hello for Business Provisioning
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
-
 ## Provisioning
 The Windows Hello for Business provisioning begins immediately after the user has signed in, after the user profile is loaded, but before the user receives their desktop.  Windows only launches the provisioning experience if all the prerequisite checks pass. You can determine the status of the prerequisite checks by viewing the **User Device Registration** in the **Event Viewer** under **Applications and Services Logs\Microsoft\Windows**.
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Configuring Windows Hello for Business: Active Directory
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 The key synchronization process for the hybrid deployment of Windows Hello for Business needs the Windows Server 2016 Active Directory schema. 
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md

@@ -9,17 +9,16 @@ ms.pagetype: security, mobile
 ms.localizationpriority: medium
 author: mikestephens-MS
 ms.author: mstephen
-ms.date: 08/06/2018
+ms.date: 08/20/2018
 ---
 # Configure Windows Hello for Business: Active Directory Federation Services
 
 **Applies to**
--   Windows10
+-   Windows10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
 ## Federation Services
-
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
-
 The Windows Server 2016 Active Directory Federation Server Certificate Registration Authority (AD FS RA) enrolls for an enrollment agent certificate. Once the registration authority verifies the certificate request, it signs the certificate request using its enrollment agent certificate and sends it to the certificate authority. 
 
 The Windows Hello for Business Authentication certificate template is configured to only issue certificates to certificate requests that have been signed with an enrollment agent certificate.

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md

@@ -14,9 +14,10 @@ ms.date: 10/23/2017
 # Configure Hybrid Windows Hello for Business: Directory Synchronization
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 ## Directory Synchronization
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md

@@ -15,11 +15,10 @@ ms.date: 08/19/2018
 # Configure Hybrid Windows Hello for Business: Public Key Infrastructure
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
 -   Hybrid Deployment
 -   Certificate Trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 Windows Hello for Business deployments rely on certificates.  Hybrid deployments uses publicly issued server authentication certificates to validate the name of the server to which they are connecting and to encrypt the data that flows them and the client computer.
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Configure Hybrid Windows Hello for Business: Group Policy
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 ## Policy Configuration
 

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Configure Windows Hello for Business
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Certificate trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
  
 You're environment is federated and you are ready to configure your hybrid environment for Windows Hello for business using the certificate trust model.  
 > [!IMPORTANT]

windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md

@@ -14,11 +14,10 @@ ms.date: 08/19/2018
 # Windows Hello for Business Key Trust New Installation
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
 -   Hybrid deployment
 -   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 Windows Hello for Business involves configuring distributed technologies that may or may not exist in your current infrastructure.  Hybrid key trust deployments of Windows Hello for Business rely on these technologies
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md

@@ -14,10 +14,10 @@ ms.date: 08/19/2018
 # Configure Device Registration for Hybrid key trust Windows Hello for Business
 
 **Applies to**
--  Windows 10
+-  Windows 10, version 1703 or later
+-  Hybrid deployment
+-  Key trust
 
-
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
  
 You are ready to configure device registration for your hybrid environment. Hybrid Windows Hello for Business deployment needs device registration to enable proper device authentication.   
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md

@@ -14,11 +14,10 @@ ms.date: 08/19/2018
 # Configure Directory Synchronization for Hybrid key trust Windows Hello for Business
 
 **Applies to**
--  Windows 10
+-  Windows 10, version 1703 or later
 -  Hybrid deployment
 -  Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
  
 You are ready to configure directory synchronization for your hybrid environment. Hybrid Windows Hello for Business deployment needs both a cloud and an on-premises identity to authenticate and access resources in the cloud or on-premises.    
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md

@@ -9,16 +9,16 @@ ms.pagetype: security, mobile
 author: mikestephens-MS
 ms.author: mstephen
 localizationpriority: high
-ms.date: 05/05/2018
+ms.date: 08/20/2018
 ---
 # Hybrid Key trust Windows Hello for Business Prerequisites
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
-
 Hybrid environments are distributed systems that enable organizations to use on-premises and Azure-based identities and resources. Windows Hello for Business uses the existing distributed system as a foundation on which organizations can provide two-factor authentication that provides a single sign-in like experience to modern resources.
 
 The distributed systems on which these technologies were built involved several pieces of on-premises and cloud infrastructure.  High-level pieces of the infrastructure include:

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md

@@ -9,14 +9,14 @@ ms.pagetype: security, mobile
 author: mikestephens-MS
 ms.author: mstephen
 ms.localizationpriority: medium
-ms.date: 10/20/2017
+ms.date: 08/20/2018
 ---
 # Hybrid Azure AD joined Key Trust Deployment
 
 **Applies to**
--   Windows 10
-
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
  
 Windows Hello for Business replaces username and password sign-in to Windows with strong user authentication based on asymmetric key pair. The following deployment guide provides the information needed to successfully deploy Windows Hello for Business in a hybrid key trust scenario.

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md

@@ -9,16 +9,16 @@ ms.pagetype: security, mobile
 author: mikestephens-MS
 ms.author: mstephen
 ms.localizationpriority: medium
-ms.date: 10/20/2017
+ms.date: 08/20/2018
 ---
 # Hybrid Windows Hello for Business Provisioning
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
-
 ## Provisioning
 The Windows Hello for Business provisioning begins immediately after the user has signed in, after the user profile is loaded, but before the user receives their desktop.  Windows only launches the provisioning experience if all the prerequisite checks pass. You can determine the status of the prerequisite checks by viewing the **User Device Registration** in the **Event Viewer** under **Applications and Services Logs\Microsoft\Windows**.
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md

@@ -9,14 +9,15 @@ ms.pagetype: security, mobile
 ms.localizationpriority: medium
 author: mikestephens-MS
 ms.author: mstephen
-ms.date: 05/05/2018
+ms.date: 08/20/2018
 ---
 # Configuring Hybrid key trust Windows Hello for Business: Active Directory
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 Configure the appropriate security groups to efficiently deploy Windows Hello for Business to users. 
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Configure Hybrid Windows Hello for Business: Directory Synchronization
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 ## Directory Syncrhonization
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md

@@ -15,11 +15,10 @@ ms.date: 08/19/2018
 # Configure Hybrid Windows Hello for Business: Public Key Infrastructure
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
 -   Hybrid Deployment
 -   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 Windows Hello for Business deployments rely on certificates.  Hybrid deployments uses publicly issued server authentication certificates to validate the name of the server to which they are connecting and to encrypt the data that flows them and the client computer.
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md

@@ -9,14 +9,15 @@ ms.pagetype: security, mobile
 localizationpriority: high
 author: mikestephens-MS
 ms.author: mstephen
-ms.date: 05/05/2018
+ms.date: 08/20/2018
 ---
 # Configure Hybrid Windows Hello for Business: Group Policy
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
 
 ## Policy Configuration
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md

@@ -14,9 +14,10 @@ ms.date: 08/19/2018
 # Configure Hybrid Windows Hello for Business key trust settings
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1703 or later
+-   Hybrid deployment
+-   Key trust
 
->This guide only applies to Hybrid deployments for Windows 10, version 1703 or higher.
  
 You are ready to configure your hybrid key trust environment for Windows Hello for Business.