From 733442454d9feabe1b715a9a4f6eb7da758572b0 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Fri, 18 Aug 2023 12:00:50 -0400
Subject: [PATCH] updates
---
.../remote-credential-guard.md | 23 +------------------
1 file changed, 1 insertion(+), 22 deletions(-)
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index 14ef4d1d90..54130ac087 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -153,7 +153,6 @@ To configure your clients, you can use:
- Microsoft Intune/MDM
- Group policy
-- Registry
[!INCLUDE [tab-intro](../../../includes/configure/tab-intro.md)]
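Review bot: Removing `- Registry` from the "To configure your clients, you can use:" list leaves no stated reason, and the subject line "updates" does not say whether registry configuration is no longer supported or is only being dropped from the documentation. Put the rationale in the commit message, because admins who already deployed the setting with `reg.exe` need to know whether to migrate to Intune/MDM or group policy.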
@@ -190,27 +189,6 @@ Possible values for `RestrictedRemoteAdministrationDrop` are:
[!INCLUDE [gpo-settings-2](../../../includes/configure/gpo-settings-2.md)]
-#### [:::image type="icon" source="../images/icons/windows-os.svg" border="false"::: **Registry**](#tab/reg)
-
-To configure devices using the registry, use the following settings:
-
-| Setting |
-|--|
-|- Key path: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation`
- Key name: `AllowProtectedCreds`
- Type: `REG_DWORD`
- Value: `1`|
-
-You can use the following command from an elevated command prompt:
-
-```cmd
-reg.exe add HKLM\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation /v AllowProtectedCreds /d 1 /t REG_DWORD
-```
-
-Possible values for `AllowProtectedCreds` are:
-
-- `0`: Disabled
-- `1`: Require Restricted Admin
-- `2`: Require Remote Credential Guard
-- `3`: Restrict credential delegation
-
---
## Use Remote Credential Guard
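Review bot: The deleted Registry tab contradicts itself, and if that is why it is being removed the change should say so. The table and the `reg.exe` command set `AllowProtectedCreds` to `1`, while the value list under it labels `1` as "Require Restricted Admin" and `2` as "Require Remote Credential Guard". After this hunk, the surviving context spells out values only for `RestrictedRemoteAdministrationDrop`, so a reader who finds `AllowProtectedCreds` already set on a client has no reference for what the value means. Consider keeping a corrected value list, or linking to where those values are documented, instead of deleting the list outright.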
@@ -241,6 +219,7 @@ Here are some additional considerations for Remote Credential Guard:
- Remote Credential Guard only works with the RDP protocol
- No credentials are sent to the target device, but the target device still acquires Kerberos Service Tickets on its own
- The server and client must authenticate using Kerberos
+- Remote Credential Guard is only supported for direct connections to the target machines and not for the ones via Remote Desktop Connection Broker and Remote Desktop Gateway
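Review bot: The added bullet states a limitation but not its consequence: it does not say whether a connection made through Remote Desktop Connection Broker or Remote Desktop Gateway fails or proceeds without Remote Credential Guard protection, which is the part a reader securing a deployment needs. The wording could also match the neighbouring bullets, which say "target device" rather than "target machines", and use "or" between the two components, for example "Remote Credential Guard is supported only for direct connections to the target device, not for connections through Remote Desktop Connection Broker or Remote Desktop Gateway".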