From a56a01081edadb8c985ff4ace6b18fa723c3ccb8 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 25 Jan 2019 15:46:27 -0800 Subject: [PATCH] added brackets --- .../security/identity-protection/vpn/vpn-conditional-access.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/identity-protection/vpn/vpn-conditional-access.md index 41ce96daea..e69b8ed62c 100644 --- a/windows/security/identity-protection/vpn/vpn-conditional-access.md +++ b/windows/security/identity-protection/vpn/vpn-conditional-access.md @@ -52,7 +52,7 @@ The following client-side components are also required: - Trusted Platform Module (TPM) ## VPN device compliance -At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the Windows profiles of the users, and their VPNv2 profiles must contain the section. +At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the Windows profiles of the users, and their VPNv2 profiles must contain the <SSO> section. Server-side infrastructure requirements to support VPN device compliance include: