From 4722f7345538d02695932fc8487c04bf6abbf75c Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Mon, 1 Apr 2019 21:27:51 +0200
Subject: [PATCH 1/3] Update hello-cert-trust-policy-settings.md

lines 38-42 edited for clarity and brevity - closes https://github.com/MicrosoftDocs/windows-itpro-docs/issues/2064
---
 .../hello-for-business/hello-cert-trust-policy-settings.md    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
index 1528aad8e3..1b65e636ae 100644
--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
@@ -35,9 +35,9 @@ On-premises certificate-based deployments of Windows Hello for Business needs th
 
 ## Enable Windows Hello for Business Group Policy
 
-The Enable Windows Hello for Business Group Policy setting is the configuration needed for Windows to determine if a user should be attempt to enroll for Windows Hello for Business.  A user will only attempt enrollment if this policy setting is configured to enabled.  
+The Group Policy setting gives specified users the option of auto-enrollment in Windows Hello for Business. To configure user or computer-targeted Group Policy settings, the Windows Hello for Business Group Policy must be enabled. 
 
-You can configure the Enable Windows Hello for Business Group Policy setting for computer or users. Deploying this policy setting to computers results in ALL users that sign-in that computer to attempt a Windows Hello for Business enrollment. Deploying this policy setting to a user results in only that user attempting a Windows Hello for Business enrollment.  Additionally, you can deploy the policy setting to a group of users so only those users attempt a Windows Hello for Business enrollment. If both user and computer policy settings are deployed, the user policy setting has precedence.
+Deploying the Group Policy settimg to a computer allows ALL signed-in users to start the Windows Hello for Business enrollment process. Deployment to a user, or a group of users, allows only those users to proceed with the enrollment process. If both user and computer policy settings are deployed, the user policy setting takes precedence.
 
 ## Use certificate for on-premises authentication
 

From 36c19af9f157e7f844f85779590daebecf02d1b1 Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Thu, 4 Apr 2019 13:36:03 +0200
Subject: [PATCH 2/3] Update hello-cert-trust-policy-settings.md

Changes made as directed (added that the Group Policy must be enabled first, as that was the original thrust of this section).
---
 .../hello-for-business/hello-cert-trust-policy-settings.md    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
index 1b65e636ae..49e7d658b3 100644
--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
@@ -35,9 +35,9 @@ On-premises certificate-based deployments of Windows Hello for Business needs th
 
 ## Enable Windows Hello for Business Group Policy
 
-The Group Policy setting gives specified users the option of auto-enrollment in Windows Hello for Business. To configure user or computer-targeted Group Policy settings, the Windows Hello for Business Group Policy must be enabled. 
+The Group Policy setting determines whether users are allowed, and prompted, to enroll for Windows Hello for Business. You must first enable the Windows Hello for Business Group Policy, then you can configure it for computers or users.
 
-Deploying the Group Policy settimg to a computer allows ALL signed-in users to start the Windows Hello for Business enrollment process. Deployment to a user, or a group of users, allows only those users to proceed with the enrollment process. If both user and computer policy settings are deployed, the user policy setting takes precedence.
+If you configure the Group Policy for computers, all users that sign-in to those computers will be allowed and prompted to enroll for Windows Hello for Business. If you configure the Group Policy for users, only those users will be allowed and prompted to enroll for Windows Hello for Business.
 
 ## Use certificate for on-premises authentication
 

From efd0509c6f874b2e33e625bdf728981f61115e99 Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Fri, 5 Apr 2019 15:09:43 +0200
Subject: [PATCH 3/3] Update hello-cert-trust-policy-settings.md

further changes as requested
---
 .../hello-for-business/hello-cert-trust-policy-settings.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
index 49e7d658b3..aade96adc6 100644
--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
@@ -35,7 +35,7 @@ On-premises certificate-based deployments of Windows Hello for Business needs th
 
 ## Enable Windows Hello for Business Group Policy
 
-The Group Policy setting determines whether users are allowed, and prompted, to enroll for Windows Hello for Business. You must first enable the Windows Hello for Business Group Policy, then you can configure it for computers or users.
+The Group Policy setting determines whether users are allowed, and prompted, to enroll for Windows Hello for Business. It can be configured for computers or users.
 
 If you configure the Group Policy for computers, all users that sign-in to those computers will be allowed and prompted to enroll for Windows Hello for Business. If you configure the Group Policy for users, only those users will be allowed and prompted to enroll for Windows Hello for Business.