Update file paths in Git diff

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-validate-pki.md

@@ -18,11 +18,11 @@ Windows Hello for Business must have a Public Key Infrastructure (PKI) when usin
 
 Hybrid certificate trust deployments issue users a sign-in certificate, enabling them to authenticate to Active Directory using Windows Hello for Business credentials. Additionally, hybrid certificate trust deployments issue certificates to registration authorities to provide defense-in-depth security when issuing user authentication certificates.
 
-[!INCLUDE [lab-based-pki-deploy](includes/lab-based-pki-deploy.md)]
+[!INCLUDE [lab-based-pki-deploy](../includes/lab-based-pki-deploy.md)]
 
 ## Configure the enterprise PKI
 
-[!INCLUDE [dc-certificate-template](includes/dc-certificate-template.md)]
+[!INCLUDE [dc-certificate-template](../includes/dc-certificate-template.md)]
 
 > [!NOTE]
 > Inclusion of the *KDC Authentication* OID in domain controller certificate is not required for Microsoft Entra hybrid joined devices. The OID is required for enabling authentication with Windows Hello for Business to on-premises resources by Microsoft Entra joined devices.
@@ -32,13 +32,13 @@ Hybrid certificate trust deployments issue users a sign-in certificate, enabling
 > - Install the root CA certificate in the device's trusted root certificate store. See [how to deploy a trusted certificate profile](/mem/intune/protect/certificates-trusted-root#to-create-a-trusted-certificate-profile) via Intune
 > - Publish your certificate revocation list to a location that is available to Microsoft Entra joined devices, such as a web-based URL
 
-[!INCLUDE [dc-certificate-template-supersede](includes/dc-certificate-supersede.md)]
+[!INCLUDE [dc-certificate-template-supersede](../includes/dc-certificate-supersede.md)]
 
-[!INCLUDE [enrollment-agent-certificate-template](includes/enrollment-agent-certificate-template.md)]
+[!INCLUDE [enrollment-agent-certificate-template](../includes/enrollment-agent-certificate-template.md)]
 
-[!INCLUDE [auth-certificate-template](includes/auth-certificate-template.md)]
+[!INCLUDE [auth-certificate-template](../includes/auth-certificate-template.md)]
 
-[!INCLUDE [unpublish-superseded-templates](includes/unpublish-superseded-templates.md)]
+[!INCLUDE [unpublish-superseded-templates](../includes/unpublish-superseded-templates.md)]
 
 ### Publish the certificate templates to the CA
 
@@ -58,11 +58,11 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen
 
 ## Configure and deploy certificates to domain controllers
 
-[!INCLUDE [dc-certificate-deployment](includes/dc-certificate-deployment.md)]
+[!INCLUDE [dc-certificate-deployment](../includes/dc-certificate-deployment.md)]
 
 ## Validate the configuration
 
-[!INCLUDE [dc-certificate-validate](includes/dc-certificate-validate.md)]
+[!INCLUDE [dc-certificate-validate](../includes/dc-certificate-validate.md)]
 
 ## Section review and next steps
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-validate-pki.md

@@ -17,21 +17,21 @@ ms.topic: tutorial
 
 Windows Hello for Business must have a Public Key Infrastructure (PKI) when using the *key trust* or *certificate trust* models. The domain controllers must have a certificate, which serves as a root of trust for clients. The certificate ensures that clients don't communicate with rogue domain controllers. The certificate trust model extends certificate issuance to client computers. During Windows Hello for Business provisioning, the user receives a sign-in certificate.
 
-[!INCLUDE [lab-based-pki-deploy](includes/lab-based-pki-deploy.md)]
+[!INCLUDE [lab-based-pki-deploy](../includes/lab-based-pki-deploy.md)]
 
 ## Configure the enterprise PKI
 
-[!INCLUDE [dc-certificate-template](includes/dc-certificate-template.md)]
+[!INCLUDE [dc-certificate-template](../includes/dc-certificate-template.md)]
 
-[!INCLUDE [dc-certificate-template-supersede](includes/dc-certificate-supersede.md)]
+[!INCLUDE [dc-certificate-template-supersede](../includes/dc-certificate-supersede.md)]
 
-[!INCLUDE [web-server-certificate-template](includes/web-server-certificate-template.md)]
+[!INCLUDE [web-server-certificate-template](../includes/web-server-certificate-template.md)]
 
-[!INCLUDE [enrollment-agent-certificate-template](includes/enrollment-agent-certificate-template.md)]
+[!INCLUDE [enrollment-agent-certificate-template](../includes/enrollment-agent-certificate-template.md)]
 
-[!INCLUDE [auth-certificate-template](includes/auth-certificate-template.md)]
+[!INCLUDE [auth-certificate-template](../includes/auth-certificate-template.md)]
 
-[!INCLUDE [unpublish-superseded-templates](includes/unpublish-superseded-templates.md)]
+[!INCLUDE [unpublish-superseded-templates](../includes/unpublish-superseded-templates.md)]
 
 ### Publish certificate templates to the CA
 
@@ -50,11 +50,11 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen
 
 ## Configure and deploy certificates to domain controllers
 
-[!INCLUDE [dc-certificate-deployment](includes/dc-certificate-deployment.md)]
+[!INCLUDE [dc-certificate-deployment](../includes/dc-certificate-deployment.md)]
 
 ## Validate the configuration
 
-[!INCLUDE [dc-certificate-validate](includes/dc-certificate-validate.md)]
+[!INCLUDE [dc-certificate-validate](../includes/dc-certificate-validate.md)]
 
 > [!div class="nextstepaction"]
 > [Next: prepare and deploy AD FS >](hello-cert-trust-adfs.md)