Remove deprecated certificate trust files

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Configure Active Directory Federation Services - hybrid certificate trust
 
-[!INCLUDE [hello-hybrid-key-trust](includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [apply-to-hybrid-cert-trust](includes/apply-to-hybrid-cert-trust.md)]
 
 The Windows Hello for Business certificate-based deployments use AD FS as the certificate registration authority (CRA).
 The CRA is responsible for issuing and revoking certificates to users. Once the registration authority verifies the certificate request, it signs the certificate request using its enrollment agent certificate and sends it to the certificate authority.\
@@ -81,4 +81,4 @@ Before moving to the next section, ensure the following steps are complete:
 > - Update group memberships for the AD FS service account
 
 > [!div class="nextstepaction"]
-> [Next: configure policy settings >](hybrid-cert-whfb-provision.md)
+> [Next: configure policy settings >](hybrid-cert-trust-enroll.md)

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md

@@ -2,12 +2,18 @@
 title: Configure and provision Windows Hello for Business in a hybrid certificate trust model
 description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid certificate trust scenario.
 ms.date: 12/15/2023
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2022</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2016</a>
 ms.topic: tutorial
 ---
 
 # Configure and provision Windows Hello for Business - hybrid certificate trust
 
-[!INCLUDE [hello-hybrid-certificate-trust](includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [apply-to-hybrid-cert-trust](includes/apply-to-hybrid-cert-trust.md)]
 
 ## Policy Configuration
 

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md

@@ -12,7 +12,7 @@ ms.topic: tutorial
 ---
 # Configure and validate the PKI in an hybrid certificate trust model
 
-[!INCLUDE [hello-hybrid-cert-trust](includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [apply-to-hybrid-cert-trust](includes/apply-to-hybrid-cert-trust.md)]
 
 Windows Hello for Business must have a Public Key Infrastructure (PKI) when using the *key trust* or *certificate trust* models. The domain controllers must have a certificate, which serves as a *root of trust* for clients. The certificate ensures that clients don't communicate with rogue domain controllers.
 
@@ -80,6 +80,6 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen
 > - Validate the domain controllers configuration
 
 > [!div class="nextstepaction"]
-> [Next: configure AD FS >](hybrid-cert-whfb-settings-adfs.md)
+> [Next: configure AD FS >](hybrid-cert-trust-adfs.md)
 
 <!--links-->

windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md

@@ -8,12 +8,12 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2022</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2016</a>
-ms.topic: how-to
+ms.topic: tutorial
 ---
 
 # Hybrid certificate trust deployment
 
-[!INCLUDE [hello-hybrid-cert-trust](includes/hello-hybrid-cert-trust.md)]
+[!INCLUDE [apply-to-hybrid-cert-trust](includes/apply-to-hybrid-cert-trust.md)]
 
 Hybrid environments are distributed systems that enable organizations to use on-premises and Microsoft Entra protected resources. Windows Hello for Business uses the existing distributed system as a foundation on which organizations can provide two-factor authentication and single sign-on to modern resources.
 
@@ -117,7 +117,7 @@ To configure Windows Hello for Business, devices can be configured through a mob
 > - Configure single sign-on (SSO) for Microsoft Entra joined devices
 
 > [!div class="nextstepaction"]
-> [Next: configure and validate the Public Key Infrastructure >](hybrid-cert-trust-validate-pki.md)
+> [Next: configure and validate the Public Key Infrastructure >](hybrid-cert-trust-pki.md)
 
 <!--links-->
 [AZ-1]: /azure/active-directory/hybrid/how-to-connect-sync-whatis

windows/security/identity-protection/hello-for-business/deploy/includes/_apply-to-on-premises-cert-trust-entra.md

@@ -5,6 +5,6 @@ ms.topic: include
 
 [!INCLUDE [hello-intro](../../includes/hello-intro.md)]
 - **Deployment type:** [!INCLUDE [hello-deployment-onpremises](../../includes/hello-deployment-onpremises.md)]
-- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
+- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)]
 - **Join type:** [!INCLUDE [hello-join-domain](../../includes/hello-join-domain.md)]
 ---

windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust-entra.md

@@ -5,6 +5,6 @@ ms.topic: include
 
 [!INCLUDE [hello-intro](../../includes/hello-intro.md)]
 - **Deployment type:** [!INCLUDE [hello-deployment-hybrid](../../includes/hello-deployment-hybrid.md)]
-- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
+- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)]
 - **Join type:** [!INCLUDE [hello-join-aadj](../../includes/hello-join-aad.md)]
 ---

windows/security/identity-protection/hello-for-business/deploy/includes/apply-to-hybrid-cert-trust.md

@@ -5,6 +5,6 @@ ms.topic: include
 
 [!INCLUDE [hello-intro](../../includes/hello-intro.md)]
 - **Deployment type:** [!INCLUDE [hello-deployment-hybrid](../../includes/hello-deployment-hybrid.md)]
-- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
+- **Trust type:** [!INCLUDE [hello-trust-certificate](tooltip-cert-trust.md)]
 - **Join type:** [!INCLUDE [hello-join-aadj](../../includes/hello-join-aad.md)], [!INCLUDE [hello-join-hybrid](../../includes/hello-join-hybrid.md)]
 ---

windows/security/identity-protection/hello-for-business/deploy/includes/tooltip-cert-trust.md

@@ -1,5 +1,5 @@
 ---
-ms.date: 12/08/2022
+ms.date: 12/15/2023
 ms.topic: include
 ---
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md

@@ -10,9 +10,10 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2016</a>
 ms.topic: tutorial
 ---
+
 # Prepare and deploy Active Directory Federation Services - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [apply-to-on-premises-cert-trust-entra](includes/apply-to-on-premises-cert-trust-entra.md)]
 
 Windows Hello for Business works exclusively with the Active Directory Federation Service (AD FS) role included with Windows Server. The on-premises certificate trust deployment model uses AD FS for *certificate enrollment* and *device registration*.
 
@@ -319,4 +320,4 @@ Each file in this folder represents a certificate in the service account's Perso
 For detailed information about the certificate, use `Certutil -q -v <certificateThumbprintFileName>`.
 
 > [!div class="nextstepaction"]
-> [Next: validate and deploy multi-factor authentication (MFA) >](on-premises-cert-trust-validate-deploy-mfa.md)
+> [Next: validate and deploy multi-factor authentication (MFA) >](on-premises-cert-trust-mfa.md)

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md

@@ -2,11 +2,18 @@
 title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust
 description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario
 ms.date: 12/15/2023
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2022</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2016</a>
 ms.topic: tutorial
 ---
+
 # Configure Windows Hello for Business group policy settings - on-premises certificate Trust
 
-[!INCLUDE [hello-on-premises-cert-trust](includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [apply-to-on-premises-cert-trust-entra](includes/apply-to-on-premises-cert-trust-entra.md)]
 
 On-premises certificate-based deployments of Windows Hello for Business need three Group Policy settings:
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Validate and deploy multifactor authentication - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [apply-to-on-premises-cert-trust-entra](includes/apply-to-on-premises-cert-trust-entra.md)]
 
 Windows Hello for Business requires users perform multifactor authentication (MFA) prior to enroll in the service. On-premises deployments can use, as MFA option:
 
@@ -28,4 +28,4 @@ For information about third-party authentication methods, see [Configure Additio
 Follow the integration and deployment guide for the authentication provider you plan to integrate to AD FS. Make sure that the authentication provider is selected as a multifactor authentication option in the AD FS authentication policy. For information on configuring AD FS authentication policies, see [Configure Authentication Policies](/windows-server/identity/ad-fs/operations/configure-authentication-policies).
 
 > [!div class="nextstepaction"]
-> [Next: configure Windows Hello for Business Policy settings >](on-premises-cert-trust-policy-settings.md)
+> [Next: configure Windows Hello for Business Policy settings >](on-premises-cert-trust-enroll.md)

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki.md

@@ -1,7 +1,7 @@
 ---
 title: Configure and validate the Public Key Infrastructure in an on-premises certificate trust model
 description: Configure and validate the Public Key Infrastructure the Public Key Infrastructure when deploying Windows Hello for Business in a certificate trust model.
-ms.date: 09/07/2023
+ms.date: 12/15/2023
 appliesto: 
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Configure and validate the Public Key Infrastructure - on-premises certificate trust
 
-[!INCLUDE [hello-on-premises-cert-trust](includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [apply-to-on-premises-cert-trust-entra](includes/apply-to-on-premises-cert-trust-entra.md)]
 
 Windows Hello for Business must have a Public Key Infrastructure (PKI) when using the *key trust* or *certificate trust* models. The domain controllers must have a certificate, which serves as a root of trust for clients. The certificate ensures that clients don't communicate with rogue domain controllers. The certificate trust model extends certificate issuance to client computers. During Windows Hello for Business provisioning, the user receives a sign-in certificate.
 

windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md

@@ -13,7 +13,7 @@ ms.topic: tutorial
 
 # Deployment guide for the on-premises certificate trust model
 
-[!INCLUDE [hello-on-premises-cert-trust](includes/hello-on-premises-cert-trust.md)]
+[!INCLUDE [apply-to-on-premises-cert-trust-entra](includes/apply-to-on-premises-cert-trust-entra.md)]
 
 Windows Hello for Business replaces username and password authentication to Windows with an asymmetric key pair. This deployment guide provides the information to deploy Windows Hello for Business in an on-premises environment.
 
@@ -40,4 +40,4 @@ Sign-in to a domain controller or to a management workstation with a *Domain Adm
 1. Select **OK**
 
 > [!div class="nextstepaction"]
-> [Next: validate and configure a PKI >](on-premises-cert-trust-validate-pki.md)
+> [Next: validate and configure a PKI >](on-premises-cert-trust-pki.md)