diff --git a/windows/access-protection/hello-for-business/hello-deployment-guide.md b/windows/access-protection/hello-for-business/hello-deployment-guide.md index e58f3a1e6f..390e38b4d6 100644 --- a/windows/access-protection/hello-for-business/hello-deployment-guide.md +++ b/windows/access-protection/hello-for-business/hello-deployment-guide.md @@ -47,8 +47,10 @@ Hybrid deployments are for enterprises that use Azure Active Directory. On-prem The trust model determines how you want users to authentication to the on-premises Active Directory. Remember hybrid environments use Azure Active Directory and on-premises Active Directory. The key-trust model is for enterprises who do not want to issue end-entity certificates to their users and they have an adequate number of 2016 domain controllers in each site to support the authentication. The certificate-trust model is for enterprise that do want to issue end-entity certificates to their users and have the benefits of certificate expiration and renewal, similar to how smart cards work today. The certificate trust model is also enterprise who are not ready to deploy Windows Server 2016 domain controllers. Following are the various deployment guides included in this topic: +* [Hybrid Certificate Trust Deployment](hello-hybrid-cert-trust.md) * [On Premises Certificate Trust Deployment](hello-deployment-cert-trust.md) + ## Provisioning The Windows Hello for Business provisioning begins immediately after the user has signed in, after the user profile is loaded, but before the user receives their desktop. Windows only launches the provisioning experience if all the prerequisite checks pass. You can determine the status of the prerequisite checks by viewing the **User Device Registration** in the **Event Viewer** under **Applications and Services Logs\Microsoft\Windows**. diff --git a/windows/access-protection/hello-for-business/hello-deployment-hybrid-cert-trust.md b/windows/access-protection/hello-for-business/hello-deployment-hybrid-cert-trust.md deleted file mode 100644 index 3c35dfff7f..0000000000 --- a/windows/access-protection/hello-for-business/hello-deployment-hybrid-cert-trust.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Windows Hello for Business Deployment Guide - On Premises Certificate Trust Deployment -description: A guide to an On Premises, Certificate trust Windows Hello for Business deployment -keywords: identity, PIN, biometric, Hello, passport -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security, mobile -author: DaniHalfin -localizationpriority: high -ms.author: daniha -ms.date: 07/07/2017 ---- -# On Premises Certificate Trust Deployment - -**Applies to** -- Windows 10 - -> This guide only applies to Windows 10, version 1703 or higher. - -Windows Hello for Business replaces username and password sign-in to Windows with strong user authentication based on asymmetric key pair. The following deployment guide provides the information needed to successfully deploy Windows Hello for Business in an existing environment. - -Below, you can find all the infromation you will need to deploy Windows Hello for Business in a Certificate Trust Model in your on-premises environment: -1. [Validate Active Directory prerequisites](hello-cert-trust-validate-ad-prereq.md) -2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md) -3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md) -4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md) -5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md) - - - - - - - - - - - -