From 28ae62ccd6e65ab34ded23138f3fc90d2a94bbbc Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Fri, 28 Apr 2023 15:02:22 -0600
Subject: [PATCH] Apply suggestions from code review

Bolding the options
---
 ...roller-ldap-server-channel-binding-token-requirements.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
index 8328477019..f17b958e97 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
@@ -33,9 +33,9 @@ CBT or EPA is used with TLS sessions when a SASL authentication method is used t
 
 ### Possible values
 
-- Never: No channel binding validation is performed. This is the behavior of all servers that haven't been updated.
-- When Supported: Clients that advertise support for Channel Binding Tokens must provide the correct token when authenticating over TLS/SSL connections; clients that don't advertise such support and/or don't use TLS/SSL connections aren't impacted. This is an intermediate option that allows for application compatibility.
-- Always: All clients must provide channel binding information over LDAPS. The server rejects LDAPS authentication requests from clients that don't do so.
+- **Never**: No channel binding validation is performed. This is the behavior of all servers that haven't been updated.
+- **When Supported**: Clients that advertise support for Channel Binding Tokens must provide the correct token when authenticating over TLS/SSL connections; clients that don't advertise such support and/or don't use TLS/SSL connections aren't impacted. This is an intermediate option that allows for application compatibility.
+- **Always**: All clients must provide channel binding information over LDAPS. The server rejects LDAPS authentication requests from clients that don't do so.
 
 ### Best practices