moved deployment guidesto subfolder

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-validate-pki.md

@@ -12,7 +12,7 @@ ms.topic: tutorial
 ---
 # Configure and validate the Public Key Infrastructure - hybrid certificate trust
 
-[!INCLUDE [hello-hybrid-cert-trust](./includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [hello-hybrid-cert-trust](../includes/hello-hybrid-cert-trust.md)]
 
 Windows Hello for Business must have a Public Key Infrastructure (PKI) when using the *key trust* or *certificate trust* models. The domain controllers must have a certificate, which serves as a *root of trust* for clients. The certificate ensures that clients don't communicate with rogue domain controllers.
 

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md

@@ -13,7 +13,7 @@ ms.topic: how-to
 
 # Hybrid certificate trust deployment
 
-[!INCLUDE [hello-hybrid-cert-trust](./includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [hello-hybrid-cert-trust](../includes/hello-hybrid-cert-trust.md)]
 
 Hybrid environments are distributed systems that enable organizations to use on-premises and Microsoft Entra protected resources. Windows Hello for Business uses the existing distributed system as a foundation on which organizations can provide two-factor authentication and single sign-on to modern resources.
 

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-whfb-provision.md

@@ -7,7 +7,7 @@ ms.topic: tutorial
 
 # Configure and provision Windows Hello for Business - hybrid certificate trust
 
-[!INCLUDE [hello-hybrid-certificate-trust](./includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [hello-hybrid-certificate-trust](../includes/hello-hybrid-cert-trust.md)]
 
 ## Policy Configuration
 

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-whfb-settings-adfs.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Configure Active Directory Federation Services - hybrid certificate trust
 
-[!INCLUDE [hello-hybrid-key-trust](./includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [hello-hybrid-key-trust](../includes/hello-hybrid-cert-trust.md)]
 
 The Windows Hello for Business certificate-based deployments use AD FS as the certificate registration authority (CRA).
 The CRA is responsible for issuing and revoking certificates to users. Once the registration authority verifies the certificate request, it signs the certificate request using its enrollment agent certificate and sends it to the certificate authority.\

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md

@@ -12,7 +12,7 @@ ms.topic: tutorial
 ---
 # Prepare and deploy Active Directory Federation Services - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](./includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [hello-on-premises-cert-trust](../includes/hello-on-premises-cert-trust.md)]
 
 Windows Hello for Business works exclusively with the Active Directory Federation Service (AD FS) role included with Windows Server. The on-premises certificate trust deployment model uses AD FS for *certificate enrollment* and *device registration*.
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-policy-settings.md

@@ -6,7 +6,7 @@ ms.topic: tutorial
 ---
 # Configure Windows Hello for Business group policy settings - on-premises certificate Trust
 
-[!INCLUDE [hello-on-premises-cert-trust](./includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [hello-on-premises-cert-trust](../includes/hello-on-premises-cert-trust.md)]
 
 On-premises certificate-based deployments of Windows Hello for Business need three Group Policy settings:
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-validate-deploy-mfa.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Validate and deploy multifactor authentication - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](./includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [hello-on-premises-cert-trust](../includes/hello-on-premises-cert-trust.md)]
 
 Windows Hello for Business requires users perform multifactor authentication (MFA) prior to enroll in the service. On-premises deployments can use, as MFA option:
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-validate-pki.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Configure and validate the Public Key Infrastructure - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](./includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [hello-on-premises-cert-trust](../includes/hello-on-premises-cert-trust.md)]
 
 Windows Hello for Business must have a Public Key Infrastructure (PKI) when using the *key trust* or *certificate trust* models. The domain controllers must have a certificate, which serves as a root of trust for clients. The certificate ensures that clients don't communicate with rogue domain controllers. The certificate trust model extends certificate issuance to client computers. During Windows Hello for Business provisioning, the user receives a sign-in certificate.
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md

@@ -12,7 +12,7 @@ ms.topic: tutorial
 ---
 # Deployment guide overview - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](./includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [hello-on-premises-cert-trust](../includes/hello-on-premises-cert-trust.md)]
 
 Windows Hello for Business replaces username and password authentication to Windows with an asymmetric key pair. This deployment guide provides the information to deploy Windows Hello for Business in an on-premises environment.
 

windows/security/identity-protection/hello-for-business/deploy/toc.yml

@@ -0,0 +1,81 @@
+items:
+- name: Deployment guides
+  items:
+  - name: Windows Hello for Business deployment overview
+    href: ../hello-deployment-guide.md
+  - name: Planning a Windows Hello for Business deployment
+    href: ../hello-planning-guide.md
+  - name: Deployment prerequisite overview
+    href: ../hello-identity-verification.md
+  - name: Cloud-only deployment
+    href: ../hello-aad-join-cloud-only-deploy.md
+  - name: Hybrid deployments
+    items:
+    - name: Cloud Kerberos trust deployment
+      items:
+        - name: Overview
+          href: ../hello-hybrid-cloud-kerberos-trust.md
+          displayName: cloud Kerberos trust
+        - name: Configure and provision Windows Hello for Business
+          href: ../hello-hybrid-cloud-kerberos-trust-provision.md
+          displayName: cloud Kerberos trust
+    - name: Key trust deployment
+      items: 
+      - name: Overview
+        href: ../hello-hybrid-key-trust.md
+        displayName: key trust
+      - name: Configure and validate the PKI
+        href: ../hello-hybrid-key-trust-validate-pki.md
+        displayName: key trust
+      - name: Configure and provision Windows Hello for Business
+        href: ../hello-hybrid-key-trust-provision.md
+        displayName: key trust
+      - name: Configure SSO for Microsoft Entra joined devices
+        href: ../hello-hybrid-aadj-sso.md
+        displayName: key trust
+    - name: Certificate trust deployment
+      items: 
+      - name: Overview
+        href: hybrid-cert-trust.md
+        displayName: certificate trust
+      - name: Configure and validate the PKI
+        href: hybrid-cert-trust-validate-pki.md
+        displayName: certificate trust
+      - name: Configure AD FS
+        href: hybrid-cert-whfb-settings-adfs.md
+        displayName: certificate trust
+      - name: Configure and provision Windows Hello for Business
+        href: hybrid-cert-whfb-provision.md
+        displayName: certificate trust
+      - name: Configure SSO for Microsoft Entra joined devices
+        href: ../hello-hybrid-aadj-sso.md
+        displayName: certificate trust
+      - name: Deploy certificates to Microsoft Entra joined devices
+        href: hello-hybrid-aadj-sso-cert.md
+        displayName: certificate trust
+  - name: On-premises deployments
+    items:
+    - name: Key trust deployment
+      items: 
+      - name: Overview
+        href: ../hello-deployment-key-trust.md
+      - name: Configure and validate the PKI
+        href: ../hello-key-trust-validate-pki.md
+      - name: Prepare and deploy Active Directory Federation Services (AD FS)
+        href: ../hello-key-trust-adfs.md
+      - name: Validate and deploy multi-factor authentication (MFA) services
+        href: ../hello-key-trust-validate-deploy-mfa.md
+      - name: Configure Windows Hello for Business policy settings
+        href: ../hello-key-trust-policy-settings.md
+    - name: Certificate trust deployment
+      items: 
+      - name: Overview
+        href: on-premises-cert-trust.md
+      - name: Configure and validate Public Key Infrastructure (PKI)
+        href: on-premises-cert-trust-validate-pki.md
+      - name: Prepare and Deploy Active Directory Federation Services (AD FS)
+        href: on-premises-cert-trust-adfs.md
+      - name: Validate and deploy multi-factor authentication (MFA) services
+        href: on-premises-cert-trust-validate-deploy-mfa.md
+      - name: Configure Windows Hello for Business policy settings
+        href: on-premises-cert-trust-policy-settings.md

windows/security/identity-protection/hello-for-business/toc.yml

@@ -11,87 +11,7 @@ items:
   - name: How Windows Hello for Business works
     href: hello-how-it-works.md
 - name: Deployment guides
-  items:
+  href: deploy/toc.yml
-  - name: Windows Hello for Business deployment overview
-    href: hello-deployment-guide.md
-  - name: Planning a Windows Hello for Business deployment
-    href: hello-planning-guide.md
-  - name: Deployment prerequisite overview
-    href: hello-identity-verification.md
-  - name: Cloud-only deployment
-    href: hello-aad-join-cloud-only-deploy.md
-  - name: Hybrid deployments
-    items:
-    - name: Cloud Kerberos trust deployment
-      items:
-        - name: Overview
-          href: hello-hybrid-cloud-kerberos-trust.md
-          displayName: cloud Kerberos trust
-        - name: Configure and provision Windows Hello for Business
-          href: hello-hybrid-cloud-kerberos-trust-provision.md
-          displayName: cloud Kerberos trust
-    - name: Key trust deployment
-      items: 
-      - name: Overview
-        href: hello-hybrid-key-trust.md
-        displayName: key trust
-      - name: Configure and validate the PKI
-        href: hello-hybrid-key-trust-validate-pki.md
-        displayName: key trust
-      - name: Configure and provision Windows Hello for Business
-        href: hello-hybrid-key-trust-provision.md
-        displayName: key trust
-      - name: Configure SSO for Microsoft Entra joined devices
-        href: hello-hybrid-aadj-sso.md
-        displayName: key trust
-    - name: Certificate trust deployment
-      items: 
-      - name: Overview
-        href: hello-hybrid-cert-trust.md
-        displayName: certificate trust
-      - name: Configure and validate the PKI
-        href: hello-hybrid-cert-trust-validate-pki.md
-        displayName: certificate trust
-      - name: Configure AD FS
-        href: hello-hybrid-cert-whfb-settings-adfs.md
-        displayName: certificate trust
-      - name: Configure and provision Windows Hello for Business
-        href: hello-hybrid-cert-whfb-provision.md
-        displayName: certificate trust
-      - name: Configure SSO for Microsoft Entra joined devices
-        href: hello-hybrid-aadj-sso.md
-        displayName: certificate trust
-      - name: Deploy certificates to Microsoft Entra joined devices
-        href: hello-hybrid-aadj-sso-cert.md
-        displayName: certificate trust
-  - name: On-premises deployments
-    items:
-    - name: Key trust deployment
-      items: 
-      - name: Overview
-        href: hello-deployment-key-trust.md
-      - name: Configure and validate the PKI
-        href: hello-key-trust-validate-pki.md
-      - name: Prepare and deploy Active Directory Federation Services (AD FS)
-        href: hello-key-trust-adfs.md
-      - name: Validate and deploy multi-factor authentication (MFA) services
-        href: hello-key-trust-validate-deploy-mfa.md
-      - name: Configure Windows Hello for Business policy settings
-        href: hello-key-trust-policy-settings.md
-    - name: Certificate trust deployment
-      items: 
-      - name: Overview
-        href: hello-deployment-cert-trust.md
-      - name: Validate Active Directory prerequisites
-        href: hello-cert-trust-validate-ad-prereq.md
-      - name: Configure and validate Public Key Infrastructure (PKI)
-        href: hello-cert-trust-validate-pki.md
-      - name: Prepare and Deploy Active Directory Federation Services (AD FS)
-        href: hello-cert-trust-adfs.md
-      - name: Validate and deploy multi-factor authentication (MFA) services
-        href: hello-cert-trust-validate-deploy-mfa.md
-      - name: Configure Windows Hello for Business policy settings
-        href: hello-cert-trust-policy-settings.md
 - name: How-to Guides
   items:
   - name: Prepare people to use Windows Hello