From 1191156825662d39158f2f8869c738fbf7bb4e86 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 25 Jan 2019 14:30:13 -0800 Subject: [PATCH] edits --- .../security/identity-protection/vpn/vpn-conditional-access.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/identity-protection/vpn/vpn-conditional-access.md index c2f3fb197a..7a6fc2c11e 100644 --- a/windows/security/identity-protection/vpn/vpn-conditional-access.md +++ b/windows/security/identity-protection/vpn/vpn-conditional-access.md @@ -52,7 +52,7 @@ The following client-side components are also required: - Trusted Platform Module (TPM) ## VPN device compliance -At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the users Windows profile, and their VPNv2 profiles must contain the section. +At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the Windows profiles of the users, and their VPNv2 profiles must contain the section. Server-side infrastructure requirements to support VPN device compliance include: