From 48ebceb97a627962cbdc5cc3c2137f7c42a26818 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 21 Nov 2022 12:39:40 -0500
Subject: [PATCH] updates

---
 .../hello-for-business/hello-aad-join-cloud-only-deploy.md | 2 ++
 .../hello-hybrid-cloud-kerberos-trust.md                   | 4 ----
 .../identity-protection/hello-for-business/toc.yml         | 4 ++--
 windows/security/includes/hello-cloud.md                   | 7 +++++++
 4 files changed, 11 insertions(+), 6 deletions(-)
 create mode 100644 windows/security/includes/hello-cloud.md

diff --git a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md
index c2cc43c54d..6912ee4dba 100644
--- a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md
+++ b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md
@@ -8,6 +8,8 @@ ms.topic: article
 ---
 # Azure Active Directory join cloud only deployment
 
+[!INCLUDE [hello-hybrid-key-trust](../../includes/hello-cloud.md)]
+
 ## Introduction
 
 When you Azure Active Directory (Azure AD) join a Windows device, the system prompts you to enroll in Windows Hello for Business by default. If you want to use Windows Hello for Business in your cloud-only environment, then there's no additional configuration needed.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
index 4b65d68e29..d8063e6127 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
@@ -10,10 +10,6 @@ ms.topic: article
 
 [!INCLUDE [hello-hybrid-key-trust](../../includes/hello-hybrid-cloudkerb-trust.md)]
 
-<br>
-
----
-
 Windows Hello for Business replaces password sign-in with strong authentication, using an asymmetric key pair. This deployment guide provides the information to successfully deploy Windows Hello for Business in a hybrid cloud Kerberos trust scenario.
 
 ## Introduction to cloud Kerberos trust
diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml
index f24629b2cc..17c221406d 100644
--- a/windows/security/identity-protection/hello-for-business/toc.yml
+++ b/windows/security/identity-protection/hello-for-business/toc.yml
@@ -121,12 +121,12 @@
         href: hello-cert-trust-policy-settings.md
     - name: Planning for Domain Controller load
       href: hello-adequate-domain-controllers.md
+  - name: Deploy certificates for remote desktop (RDP) sign-in
+    href: hello-deployment-rdp-certs.md
 - name: How-to Guides
   items:
   - name: Prepare people to use Windows Hello
     href: hello-prepare-people-to-use.md
-  - name: Deploy certificates for RDP sign-in
-    href: hello-deployment-rdp-certs.md
   - name: Manage Windows Hello for Business in your organization
     href: hello-manage-in-organization.md
 - name: Windows Hello for Business features
diff --git a/windows/security/includes/hello-cloud.md b/windows/security/includes/hello-cloud.md
new file mode 100644
index 0000000000..c40ed1027c
--- /dev/null
+++ b/windows/security/includes/hello-cloud.md
@@ -0,0 +1,7 @@
+This document describes Windows Hello for Business functionalities or scenarios that apply to:\
+✅ **Deployment type:** [cloud](../identity-protection/hello-for-business/hello-how-it-works-technology.md#cloud-deployment)\
+✅ **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join)
+
+<br>
+
+---