Update windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
2025-05-14 06:17:22 +00:00 · 2019-07-16 18:06:43 +02:00 · 2019-07-16 18:06:43 +02:00 · c299f4cc7c
commit c299f4cc7c
parent f8cdfac40c
1 changed files with 1 additions and 1 deletions
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md
@ -113,7 +113,7 @@ Organizations wanting to deploy hybrid certificate trust need their domain joine
 Hybrid certificate trust deployments need the device write back feature.  Authentication to the Windows Server 2016 Active Directory Federation Services needs both the user and the computer to authenticate. Typically the users are synchronized, but not devices.  This prevents AD FS from authenticating the computer and results in Windows Hello for Business certificate enrollment failures.  For this reason, Windows Hello for Business deployments need device writeback, which is an Azure Active Directory premium feature.

 > [!NOTE]
-> Windows Hello for Business is tied between a user and a device. Both the user and device need to be synchronized between Azure Active Directory and Active Directory, and therefore the device write back is used to update the msDS-KeyCredentialLink on the computer object.
+> Windows Hello for Business is tied between a user and a device. Both the user and device need to be synchronized between Azure Active Directory and Active Directory, and therefore the device writeback is used to update the msDS-KeyCredentialLink on the computer object.

 ### Section Checklist ###
 > [!div class="checklist"]