deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #8422 from paolomatarazzo/pm-20230620-whfb-rdpcert

Browse Source 
[WHFB] update to certificate note
This commit is contained in:
Stephanie Savell 2023-06-20 16:37:43 -05:00 committed by GitHub
commit 1b9e2d9cc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
View File

@ -5,7 +5,7 @@ ms.collection:
- ContentEngagementFY23 - ContentEngagementFY23
- tier1 - tier1
ms.topic: article ms.topic: article
ms.date: 03/15/2023 ms.date: 06/20/2023
--- ---
# Deploy certificates for remote desktop (RDP) sign-in # Deploy certificates for remote desktop (RDP) sign-in
@ -88,8 +88,11 @@ Follow these steps to create a certificate template:
## Deploy certificates via Intune ## Deploy certificates via Intune
> [!NOTE] > [!CAUTION]
> This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. > This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune.
>
> If you deploy certificates via Intune and configure Windows Hello for Business via group policy, the devices will fail to obtain a certificate, logging the error code `0x82ab0011` in the `DeviceManagement-Enterprise-Diagnostic-Provider` log.\
> To avoid the error, configure Windows Hello for Business via Intune instead of group policy.
Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PKCS (PFX) via Intune. For guidance deploying the required infrastructure, refer to: Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PKCS (PFX) via Intune. For guidance deploying the required infrastructure, refer to: