deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 03:43:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo
2022-12-29 17:20:39 -05:00
parent 063a89e81c
commit fd5aa735d5
1 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md
View File

@ -267,17 +267,17 @@ Expand each step to learn more:
<details> <details>
<summary><b>Deploy the certificate via Intune</b></summary> <summary><b>Deploy the certificate via Intune</b></summary>
1. Sign-in to the [Microsoft Azure portal](https://portal.azure.com) and select **Microsoft Intune**. To configure devices with Microsoft Intune, use a custom policy:
2. Select **Device configuration**. In the **Device Configuration** blade, select **Create profile**.
![Intune Create Profile.](images/aadj/intune-create-device-config-profile.png) 1. Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2109431" target="_blank"><b>Microsoft Endpoint Manager admin center</b></a>
3. In the **Create profile** blade, type **Enterprise Root Certificate** in **Name**. Provide a description. Select **Windows 10 and later** from the **Platform** list. Select **Trusted certificate** from the **Profile type** list. Select **Configure**. 1. Select **Devices > Configuration profiles > Create profile**
4. In the **Trusted Certificate** blade, use the folder icon to browse for the location of the enterprise root certificate file you created in step 8 of [Export Enterprise Root certificate](#export-enterprise-root-certificate). Select **OK**. Select **Create**. 1. Select **Platform > Windows 8.1 and later** and **Profile type > Trusted certificate**
![Intune Trusted Certificate Profile.](images/aadj/intune-create-trusted-certificate-profile.png) 1. Select **Create**
5. In the **Enterprise Root Certificate** blade, select **Assignments**. In the **Include** tab, select **All Devices** from the **Assign to** list. Select **Save**. 1. In **Configuration settings**, select the folder icon and browse for the enterprise root certificate file. Once the file is selected, select **Open** to upload it to Intune
![Intune Profile assignment.](images/aadj/intune-device-config-enterprise-root-assignment.png) 1. Under **Destination store** dropdown, select **Computer certificate store - Root**
6. Sign out of the Microsoft Azure portal. 1. Select **Next**
> [!NOTE] 1. Under **Assignment**, select a security group that contains as members the devices or users that you want to configure > **Next**
> After the creation, the **supported platform** parameter of the profile will contain the value "Windows 8.1 and later", as the certificate configuration for Windows 8.1 and Windows 10 is the same. 1. Review the policy configuration and select **Create**
</details> </details>