From 8fc1889f0eae47ac301480b1f709e71c56fb4156 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Fri, 15 Dec 2023 13:11:46 -0500 Subject: [PATCH] Update certificate trust type --- .../apply-to-hybrid-cert-trust-entra.md | 2 +- .../includes/apply-to-hybrid-cert-trust.md | 2 +- .../apply-to-on-premises-cert-trust-entra.md | 2 +- .../deploy/on-premises-cert-trust.md | 6 +++--- .../hello-for-business/deploy/toc.yml | 20 +++++++++---------- .../hello-deployment-guide.md | 2 +- .../hello-hybrid-aadj-sso-cert.md | 2 +- .../hello-hybrid-keycert-trust-aad.md | 2 +- 8 files changed, 19 insertions(+), 19 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust-entra.md b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust-entra.md index bbfb40269d..97bfdbe297 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust-entra.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust-entra.md @@ -5,6 +5,6 @@ ms.topic: include [!INCLUDE [hello-intro](../../includes/hello-intro.md)] - **Deployment type:** [!INCLUDE [hello-deployment-hybrid](../../includes/hello-deployment-hybrid.md)] -- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)] +- **Trust type:** [!INCLUDE [tooltip-cert-trust](tooltip-cert-trust.md)] - **Join type:** [!INCLUDE [hello-join-aadj](../../includes/hello-join-aad.md)] --- \ No newline at end of file diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust.md index 4950b31156..0b5a246fbe 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust.md @@ -5,6 +5,6 @@ ms.topic: include [!INCLUDE [hello-intro](../../includes/hello-intro.md)] - **Deployment type:** [!INCLUDE [hello-deployment-hybrid](../../includes/hello-deployment-hybrid.md)] -- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)] +- **Trust type:** [!INCLUDE [tooltip-cert-trust](tooltip-cert-trust.md)] - **Join type:** [!INCLUDE [hello-join-aadj](../../includes/hello-join-aad.md)], [!INCLUDE [hello-join-hybrid](../../includes/hello-join-hybrid.md)] --- \ No newline at end of file diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-on-premises-cert-trust-entra.md b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-on-premises-cert-trust-entra.md index 902e4e5459..5f64fba40f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-on-premises-cert-trust-entra.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-on-premises-cert-trust-entra.md @@ -5,6 +5,6 @@ ms.topic: include [!INCLUDE [hello-intro](../../includes/hello-intro.md)] - **Deployment type:** [!INCLUDE [hello-deployment-onpremises](../../includes/hello-deployment-onpremises.md)] -- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)] +- **Trust type:** [!INCLUDE [tooltip-cert-trust](tooltip-cert-trust.md)] - **Join type:** [!INCLUDE [hello-join-domain](../../includes/hello-join-domain.md)] --- \ No newline at end of file diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 392bdfcf57..4c3f3c04e8 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -19,10 +19,10 @@ Windows Hello for Business replaces username and password authentication to Wind There are four steps to deploying Windows Hello for Business in an on-premises certificate trust model: -1. [Validate and configure a PKI](on-premises-cert-trust-validate-pki.md) +1. [Validate and configure a PKI](on-premises-cert-trust-pki.md) 1. [Prepare and deploy AD FS](on-premises-cert-trust-adfs.md) -1. [Validate and deploy multi-factor authentication (MFA)](on-premises-cert-trust-validate-deploy-mfa.md) -1. [Configure Windows Hello for Business Policy settings](on-premises-cert-trust-policy-settings.md) +1. [Validate and deploy multi-factor authentication (MFA)](on-premises-cert-trust-mfa.md) +1. [Configure Windows Hello for Business Policy settings](on-premises-cert-trust-enroll.md) ## Create the Windows Hello for Business Users security group diff --git a/windows/security/identity-protection/hello-for-business/deploy/toc.yml b/windows/security/identity-protection/hello-for-business/deploy/toc.yml index 526bb4be5e..9c556b0e5c 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/toc.yml +++ b/windows/security/identity-protection/hello-for-business/deploy/toc.yml @@ -36,14 +36,14 @@ items: - name: Overview href: hybrid-cert-trust.md displayName: certificate trust - - name: Configure and validate the PKI - href: hybrid-cert-trust-validate-pki.md + - name: Configure and validate Public Key Infrastructure (PKI) + href: hybrid-cert-trust-pki.md displayName: certificate trust - name: Configure AD FS - href: hybrid-cert-whfb-settings-adfs.md + href: hybrid-cert-trust-adfs.md displayName: certificate trust - - name: Configure and provision Windows Hello for Business - href: hybrid-cert-whfb-provision.md + - name: Configure and enroll in Windows Hello for Business + href: hybrid-cert-trust-enroll.md displayName: certificate trust - name: Configure SSO for Microsoft Entra joined devices href: ../hello-hybrid-aadj-sso.md @@ -70,10 +70,10 @@ items: - name: Overview href: on-premises-cert-trust.md - name: Configure and validate Public Key Infrastructure (PKI) - href: on-premises-cert-trust-validate-pki.md + href: on-premises-cert-trust-pki.md - name: Prepare and Deploy Active Directory Federation Services (AD FS) href: on-premises-cert-trust-adfs.md - - name: Validate and deploy multi-factor authentication (MFA) services - href: on-premises-cert-trust-validate-deploy-mfa.md - - name: Configure Windows Hello for Business policy settings - href: on-premises-cert-trust-policy-settings.md + - name: Validate and deploy multi-factor authentication (MFA) + href: on-premises-cert-trust-mfa.md + - name: Configure and enroll in Windows Hello for Business + href: on-premises-cert-trust-enroll.md diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md index 4b4bf64276..97658da366 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md @@ -55,7 +55,7 @@ Following are the various deployment guides and models included in this topic: - [On Premises Key Trust Deployment](hello-deployment-key-trust.md) - [On Premises Certificate Trust Deployment](deploy/on-premises-cert-trust.md) -For Windows Hello for Business hybrid [certificate trust prerequisites](/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust#directory-synchronization) and [key trust prerequisites](/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust#directory-synchronization) deployments, you'll need Microsoft Entra Connect to synchronize user accounts in the on-premises Active Directory with Microsoft Entra ID. For on-premises deployments, both key and certificate trust, use the Azure MFA server where the credentials aren't synchronized to Microsoft Entra ID. Learn how to [deploy Multifactor Authentication Services (MFA) for key trust](hello-key-trust-validate-deploy-mfa.md) and [for certificate trust](deploy/on-premises-cert-trust-validate-deploy-mfa.md) deployments. +For Windows Hello for Business hybrid [certificate trust prerequisites](/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust#directory-synchronization) and [key trust prerequisites](/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust#directory-synchronization) deployments, you'll need Microsoft Entra Connect to synchronize user accounts in the on-premises Active Directory with Microsoft Entra ID. For on-premises deployments, both key and certificate trust, use the Azure MFA server where the credentials aren't synchronized to Microsoft Entra ID. Learn how to [deploy Multifactor Authentication Services (MFA) for key trust](hello-key-trust-validate-deploy-mfa.md) and [for certificate trust](deploy/on-premises-cert-trust-mfa.md) deployments. ## Provisioning diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md index ab2112ed21..ba06402421 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md @@ -7,7 +7,7 @@ ms.topic: how-to # Using Certificates for AADJ On-premises Single-sign On -[!INCLUDE [hello-hybrid-key-trust](deploy/includes/hello-hybrid-cert-trust-aad.md)] +[!INCLUDE [apply-to-hybrid-cert-trust-entra](deploy/includes/apply-to-hybrid-cert-trust-entra.md)] If you plan to use certificates for on-premises single-sign on, then follow these **additional** steps to configure the environment to enroll Windows Hello for Business certificates for Microsoft Entra joined devices. diff --git a/windows/security/identity-protection/hello-for-business/includes/hello-hybrid-keycert-trust-aad.md b/windows/security/identity-protection/hello-for-business/includes/hello-hybrid-keycert-trust-aad.md index 3d08adb19b..1ffe6b9343 100644 --- a/windows/security/identity-protection/hello-for-business/includes/hello-hybrid-keycert-trust-aad.md +++ b/windows/security/identity-protection/hello-for-business/includes/hello-hybrid-keycert-trust-aad.md @@ -5,6 +5,6 @@ ms.topic: include [!INCLUDE [hello-intro](hello-intro.md)] - **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)] -- **Trust type:** [!INCLUDE [hello-trust-key](hello-trust-key.md)], [!INCLUDE [hello-trust-certificate](../deploy/includes/hello-trust-certificate.md)] +- **Trust type:** [!INCLUDE [hello-trust-key](hello-trust-key.md)],[!INCLUDE [tooltip-cert-trust](../deploy/includes/tooltip-cert-trust.md)] - **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aad.md)] --- \ No newline at end of file