Deployment guide overview - on-premises key trust

• Applies to:

  ✅ Windows 11, ✅ Windows 10

This document describes Windows Hello for Business functionalities or scenarios that apply to:

• Deployment type: on-premises
• Trust type: key trust
• Join type: domain join

---

Windows Hello for Business replaces username and password authentication to Windows with an asymmetric key pair. This deployment guide provides the information to deploy Windows Hello for Business in an on-premises environment::

1. Validate Active Directory prerequisites
2. Validate and configure a PKI
3. Prepare and deploy AD FS
4. Validate and deploy multi-factor authentication (MFA)
5. Configure Windows Hello for Business Policy settings