From 3087e46f8bf903fd11b3f6677ad3bb1ead3beb3e Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 29 Oct 2019 11:16:03 +0500
Subject: [PATCH] Added a note

I have added a note regarding the SCP script which is not needed to be executed.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4776
---
 .../hello-for-business/hello-cert-trust-adfs.md                | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md
index 4563787217..16e5b256e2 100644
--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md
@@ -363,6 +363,9 @@ Active Directory Federation Server used for Windows Hello for Business certifica
 Approximately 60 days prior to enrollment agent certificate’s expiration, the AD FS service attempts to renew the certificate until it is successful.  If the certificate fails to renew, and the certificate expires, the AD FS server will request a new enrollment agent certificate.  You can view the AD FS event logs to determine the status of the enrollment agent certificate.
 
 ### Service Connection Point (SCP) in Active Directory for ADFS Device Registration Service
+>[!NOTE]
+> Normally this script is not needed as enabling Device Registration via the ADFS Management console already creates the objects. You can validate the SCP using the below script.
+
 Now you will add the Service connection Point to ADFS device registration Service for your Active directory by running the following script:
 
 >[!TIP]