From 15e5f42549fff7b0aef3d142fea95d6b7961ecd3 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 17:41:44 -0500 Subject: [PATCH] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 89d1beeda3..bc9258e92e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -36,7 +36,8 @@ Windows Hello for Business supports using a certificate as the supplied credenti ## Deploy certificates via Active Directory Certificate Services (AD CS) -This scenario is applicable to hybrid Azure AD joined devices only. +> [!NOTE] +> This process is applicable to hybrid Azure AD joined devices only. To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template* and then deploy certificates based on that template. @@ -129,7 +130,10 @@ Follow these steps to create a certificate template: -## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune +## Deploy certificates via Microsoft Intune + +> [!NOTE] +> This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PFX via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure).