Paolo Matarazzo
2022-11-10 15:38:47 -05:00
parent ad3dd22648
commit f4948d3be7
10 changed files with 96 additions and 9 deletions

View File

@ -57,7 +57,7 @@ To configure federated sign-in using Microsoft Intune, [create a custom profile]
To sign-in with a SAML 2.0 identity provider, your devices must be configured with different policies, which can be configured using Microsoft Intune. To sign-in with a SAML 2.0 identity provider, your devices must be configured with different policies, which can be configured using Microsoft Intune.
To configure federated sign-in using Microsoft Intune, [create a custom profile][MEM-1] with the following settings: [!INCLUDE [intune-custom-settings-1](includes/intune-custom-settings-1.md)]
| Setting | | Setting |
|--------| |--------|
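
Review bot: The removed lead-in was the line that used the `[MEM-1]` reference link, and the include that replaces it does not use it. Check whether `[MEM-1]` is still referenced anywhere else in this article and, if not, drop its link definition in the same commit so the file does not carry an unused reference. The include also no longer names federated sign-in, so confirm the paragraph above it still tells the reader what the settings table configures.
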
@ -68,7 +68,8 @@ To configure federated sign-in using Microsoft Intune, [create a custom profile]
:::image type="content" source="images/federated-sign-in-settings-intune.png" alt-text="Custom policy showing the settings to be configured to enable federated sign-in" lightbox="images/federated-sign-in-settings-intune.png" border="true"::: :::image type="content" source="images/federated-sign-in-settings-intune.png" alt-text="Custom policy showing the settings to be configured to enable federated sign-in" lightbox="images/federated-sign-in-settings-intune.png" border="true":::
Assign the policy to a security group that contains as members the devices that require federated sign-in. [!INCLUDE [intune-custom-settings-2](includes/intune-custom-settings-2.md)]
[!INCLUDE [intune-custom-settings-info](includes/intune-custom-settings-info.md)]
<!-- <!--
#### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg)
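
Review bot: The assignment sentence removed here scoped the policy to "the devices that require federated sign-in", while step 8 of the shared `intune-custom-settings-2.md` include says "the devices or users that you want to configure". For this article that widens the guidance to user groups. If these settings are only meant to be targeted at devices, keep a short article-specific sentence after the include that restates the device scope.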

View File

@ -0,0 +1,18 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
To configure devices with Microsoft Intune, use a custom policy:
> [!TIP]
> If you're browsing with an account that can create Intune policies, you can skip to step 5 by using this direct link to <a href="https://go.microsoft.com/fwlink/?linkid=2109431#view/Microsoft_Intune_DeviceSettings/CreatePolicyFullScreenBlade/policyId/00000000-0000-0000-0000-000000000000/policyType/Windows10Custom/policyJourneyState~/0" target="_blank"><b>create a custom policy</b></a> (opens in a new tab).
1. Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2109431" target="_blank"><b>Microsoft Endpoint Manager admin center</b></a>
2. Select **Devices > Configuration profiles > Create profile**
3. Select **Platform > Windows 10 and later** and **Profile type > Templates > Custom**
4. Select **Create**
5. Specify a **Name** and, optionally, a **Description > Next**
6. Add the following settings:
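
Review bot: Step 5 puts the separator inside the bold span (`**Description > Next**`), so it reads as one UI label. The settings catalog include in this same commit writes the same step as `**Description** > **Next**`. Use that form here too so both procedures format the step identically.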

View File

@ -0,0 +1,11 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
7. Select **Next**
8. Assign the policy to a security group that contains as members the devices or users that you want to configure > **Next**
9. Under **Applicability Rules**, select **Next**
10. Review the policy configuration and select **Create**
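
Review bot: The list in this include starts at a hard-coded `7.`, which is only correct while `intune-custom-settings-1.md` ends at step 6 and the two includes are always used as a pair around the settings table. Nothing in the file records that dependency. Add an HTML comment under the front matter naming the companion include and the expected starting step, so a later edit to the first half does not silently misnumber every article that uses both.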

View File

@ -0,0 +1,8 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
Alternatively, <a href="https://go.microsoft.com/fwlink/?linkid=2109431#view/Microsoft_Intune_DeviceSettings/CreatePolicyFullScreenBlade/policyId/00000000-0000-0000-0000-000000000000/policyType/Windows10Custom/policyJourneyState~/0" target="_blank"><b>create a custom policy</b></a> with the following settings:
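
Review bot: The portal deep link in this include, with its all-zero `policyId` and the `CreatePolicyFullScreenBlade` path, is a second copy of the URL already used in the tip of `intune-custom-settings-1.md`. Two hand-maintained copies of a blade URL will drift if one is updated without the other. Consider defining the link once and referencing it from both places, and use the same link markup in both files.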

View File

@ -0,0 +1,8 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
For more information about how to create custom settings using Intune, see [Use custom settings for Windows devices in Intune](/mem/intune/configuration/custom-settings-windows-10).

View File

@ -0,0 +1,18 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
To configure devices with Microsoft Intune, use the settings catalog:
> [!TIP]
> If you're browsing with an account that can create Intune policies, you can skip to step 5 by using this direct link to <a href="https://go.microsoft.com/fwlink/?linkid=2109431#view/Microsoft_Intune_Workflows/SettingsCatalogWizardBlade/mode/create/platform/Windows%2010%20and%20later/policyType/SettingsCatalogWindows10" target="_blank"><b>create a Settings catalog policy</b></a> (opens in a new tab).
1. Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2109431" target="_blank"><b>Microsoft Endpoint Manager admin center</b></a>
2. Select **Devices > Configuration profiles > Create profile**
3. Select **Platform > Windows 10 and later** and **Profile type > Settings catalog**
4. Select **Create**
5. Specify a **Name** and, optionally, a **Description** > **Next**
6. In the settings picker, add the following settings:
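
Review bot: Both anchors in this include (the tip link and step 1) are raw HTML with `target="_blank"` and no `rel` attribute. If the publishing pipeline does not add one, set `rel="noopener noreferrer"` explicitly on each anchor, or use Markdown links where opening in a new tab is not required. The same applies to the anchors in the custom-settings includes added by this commit.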

View File

@ -0,0 +1,11 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
7. Select **Next**
8. Optionally, add *scope tags* > **Next**
9. Assign the policy to a security group that contains as members the devices or users that you want to configure > **Next**
10. Review the policy configuration and select **Create**
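
Review bot: Step 8 formats the UI label as italic (`*scope tags*`) while every other label in these includes is bold (`**Next**`, `**Create**`). Make it `**Scope tags**` for consistency. Note also that this list inherits the same hard-coded dependency as the custom-settings pair: it starts at 7 and is only correct after `intune-settings-catalog-1.md`.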

View File

@ -0,0 +1,8 @@
---
author: paolomatarazzo
ms.author: paoloma
ms.date: 11/08/2022
ms.topic: include
---
For more information about how to create policies with the Intune settings catalog, see [Use the settings catalog to configure settings](/mem/intune/configuration/settings-catalog).

View File

@ -10,14 +10,13 @@ ms.collection: M365-identity-device-management
ms.topic: article ms.topic: article
localizationpriority: medium localizationpriority: medium
ms.date: 05/05/2018 ms.date: 05/05/2018
appliesto: appliesto:
-<b>Windows 10</b> -<a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
-<b>Windows 11</b>
ms.technology: itpro-security ms.technology: itpro-security
--- ---
# How Windows Hello for Business works in Windows Devices # How Windows Hello for Business works in Windows Devices
Windows Hello for Business is a modern, two-factor credential that is the more secure alternative to passwords. Whether you are cloud or on-premises, Windows Hello for Business has a deployment option for you. For cloud deployments, you can use Windows Hello for Business with Azure Active Directory-joined, Hybrid Azure Active Directory-joined, or Azure AD registered devices. Windows Hello for Business also works for domain joined devices. Windows Hello for Business is a two-factor credential that is a more secure alternative to passwords. Whether you are cloud or on-premises, Windows Hello for Business has a deployment option for you. For cloud deployments, you can use Windows Hello for Business with Azure Active Directory-joined, Hybrid Azure Active Directory-joined, or Azure AD registered devices. Windows Hello for Business also works for domain joined devices.
Watch this quick video where Pieter Wigleven gives a simple explanation of how Windows Hello for Business works and some of its supporting features. Watch this quick video where Pieter Wigleven gives a simple explanation of how Windows Hello for Business works and some of its supporting features.
> [!VIDEO https://www.youtube.com/embed/G-GJuDWbBE8] > [!VIDEO https://www.youtube.com/embed/G-GJuDWbBE8]
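
Review bot: `ms.date` is unchanged at `05/05/2018` on both sides of this hunk, although the commit edits both the `appliesto` metadata and the opening paragraph of the article. Update `ms.date` to the date of this change so the page's freshness metadata reflects the edit, as was done for the new include files.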

View File

@ -10,15 +10,20 @@ ms.collection: M365-identity-device-management
ms.topic: article ms.topic: article
localizationpriority: medium localizationpriority: medium
ms.date: 11/1/2022 ms.date: 11/1/2022
appliesto: appliesto:
-<b>Windows 10, version 21H2 and later</b> -<a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10, version 21H2 and later</a>
-<b>Windows 11</b>
-<b>Hybrid deployment</b> -<b>Hybrid deployment</b>
-<b>Hybrid cloud Kerberos trust</b> -<b>Hybrid cloud Kerberos trust</b>
ms.technology: itpro-security ms.technology: itpro-security
--- ---
# Hybrid cloud Kerberos trust deployment # Hybrid cloud Kerberos trust deployment
**Deployment type:** [hybrid](hello-how-it-works-technology#hybrid-deployment)\
**Trust type:** [key trust](hello-hybrid-key-trust)\
**Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust)\
**Trust type:** [certificate trust](hello-hybrid-cert-trust)\
**Device registration type:** [Azure AD join](hello-how-it-works-technology#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology#hybrid-azure-ad-join)
Windows Hello for Business replaces password sign-in with strong authentication, using an asymmetric key pair. This deployment guide provides the information to successfully deploy Windows Hello for Business in a hybrid cloud Kerberos trust scenario. Windows Hello for Business replaces password sign-in with strong authentication, using an asymmetric key pair. This deployment guide provides the information to successfully deploy Windows Hello for Business in a hybrid cloud Kerberos trust scenario.
## Introduction to cloud Kerberos trust ## Introduction to cloud Kerberos trust
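
Review bot: The added header block lists three `**Trust type:**` lines (key trust, cloud Kerberos trust, certificate trust) on a page titled "Hybrid cloud Kerberos trust deployment", which reads like an unedited template. Keep only the cloud Kerberos trust line, or mark the current one distinctly if the other two are meant as navigation. The relative links in the block (for example `hello-how-it-works-technology#hybrid-deployment`) also omit the `.md` extension, so verify that they resolve in the build.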