From fe0b1343e3c29d31b131c78396dd6c9584f67566 Mon Sep 17 00:00:00 2001 From: Michael Nady Date: Wed, 8 Jun 2022 10:11:58 +0200 Subject: [PATCH 1/3] #10356 #10356 I followed the discussion on the original post and I implemented these changes accordingly --- .../hello-for-business/hello-cert-trust-policy-settings.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md index 18e5489911..dc18e09acc 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md @@ -60,7 +60,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H 3. Right-click **Group Policy object** and select **New**. 4. Type *Enable Windows Hello for Business* in the name box and click **OK**. 5. In the content pane, right-click the **Enable Windows Hello for Business** Group Policy object and click **Edit**. -6. In the navigation pane, expand **Policies** under **User Configuration**. +6. In the navigation pane, expand **Policies** under **User Configuration** (this the only option for for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). 7. Expand **Administrative Templates > Windows Component**, and select **Windows Hello for Business**. 8. In the content pane, double-click **Use Windows Hello for Business**. Click **Enable** and click **OK**. 9. Double-click **Use certificate for on-premises authentication**. Click **Enable** and click **OK**. Close the **Group Policy Management Editor**. @@ -70,7 +70,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H 1. Start the **Group Policy Management Console** (gpmc.msc). 2. Expand the domain and select the **Group Policy Object** node in the navigation pane. 3. Right-click the **Enable Windows Hello for Business** Group Policy object and click **Edit**. -4. In the navigation pane, expand **Policies** under **User Configuration**. +4. In the navigation pane, expand **Policies** under **User Configuration** (this the only option for for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). 5. Expand **Windows Settings > Security Settings**, and click **Public Key Policies**. 6. In the details pane, right-click **Certificate Services Client – Auto-Enrollment** and select **Properties**. 7. Select **Enabled** from the **Configuration Model** list. From 18551c254f1571b2333af303c2a5d86ea8712114 Mon Sep 17 00:00:00 2001 From: Michael Nady Date: Sun, 12 Jun 2022 15:25:10 +0200 Subject: [PATCH 2/3] Update windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../hello-for-business/hello-cert-trust-policy-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md index dc18e09acc..8c6cd85e3c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md @@ -60,7 +60,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H 3. Right-click **Group Policy object** and select **New**. 4. Type *Enable Windows Hello for Business* in the name box and click **OK**. 5. In the content pane, right-click the **Enable Windows Hello for Business** Group Policy object and click **Edit**. -6. In the navigation pane, expand **Policies** under **User Configuration** (this the only option for for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). +6. In the navigation pane, expand **Policies** under **User Configuration** (this is the only option for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). 7. Expand **Administrative Templates > Windows Component**, and select **Windows Hello for Business**. 8. In the content pane, double-click **Use Windows Hello for Business**. Click **Enable** and click **OK**. 9. Double-click **Use certificate for on-premises authentication**. Click **Enable** and click **OK**. Close the **Group Policy Management Editor**. From 66e81da09ddfc8d17f485cdaf3672a1a4afedae7 Mon Sep 17 00:00:00 2001 From: Michael Nady Date: Sun, 12 Jun 2022 15:25:18 +0200 Subject: [PATCH 3/3] Update windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../hello-for-business/hello-cert-trust-policy-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md index 8c6cd85e3c..8e344e9b31 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md @@ -70,7 +70,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H 1. Start the **Group Policy Management Console** (gpmc.msc). 2. Expand the domain and select the **Group Policy Object** node in the navigation pane. 3. Right-click the **Enable Windows Hello for Business** Group Policy object and click **Edit**. -4. In the navigation pane, expand **Policies** under **User Configuration** (this the only option for for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). +4. In the navigation pane, expand **Policies** under **User Configuration** (this is the only option for Windows Server 2016, but for Windows Server 2019 and later this step can also be done in **Computer Configuration**). 5. Expand **Windows Settings > Security Settings**, and click **Public Key Policies**. 6. In the details pane, right-click **Certificate Services Client – Auto-Enrollment** and select **Properties**. 7. Select **Enabled** from the **Configuration Model** list.