updating

billmath · billmath · commit 7259b7dc0c8e · 2023-01-26T18:04:43.000-05:00
diff --git a/articles/active-directory/hybrid/how-to-connect-sso-faq.yml b/articles/active-directory/hybrid/how-to-connect-sso-faq.yml
@@ -26,7 +26,7 @@ sections:
       - question: |
           What sign-in methods do Seamless SSO work with
         answer: |
-          Seamless SSO can be combined with either the [Password Hash Synchronization](how-to-connect-password-hash-synchronization.md) or [Pass-through Authentication](how-to-connect-pta.md) sign-in methods. However this feature cannot be used with Active Directory Federation Services (ADFS).
+          Seamless SSO can be combined with either the [Password Hash Synchronization](how-to-connect-password-hash-synchronization.md) or [Pass-through Authentication](how-to-connect-pta.md) sign-in methods. However this feature can't be used with Active Directory Federation Services (ADFS).
           
       - question: |
           Is Seamless SSO a free feature?
@@ -80,16 +80,16 @@ sections:
       - question: |
           How can I roll-over the Kerberos decryption key of the `AZUREADSSO` computer account?
         answer: |
-          It is important to frequently roll-over the Kerberos decryption key of the `AZUREADSSO` computer account (which represents Azure AD) created in your on-premises AD forest.
+          It's important to frequently roll-over the Kerberos decryption key of the `AZUREADSSO` computer account (which represents Azure AD) created in your on-premises AD forest.
           
           >[!IMPORTANT]
           >We highly recommend that you roll-over the Kerberos decryption key at least every 30 days.
           
-          Follow these steps on the on-premises server where you are running Azure AD Connect:
+          Follow these steps on the on-premises server where you're running Azure AD Connect:
           
              > [!NOTE]
-             >You will need domain administrator and global administrator/hybrid identity administrator credentials for the steps.
-             >If you are not a domain admin and you were assigned permissions by the domain admin, you should call `Update-AzureADSSOForest -OnPremCredentials $creds -PreserveCustomPermissionsOnDesktopSsoAccount`
+             >You'll need domain administrator and global administrator/hybrid identity administrator credentials for the steps.
+             >If you're not a domain admin and you were assigned permissions by the domain admin, you should call `Update-AzureADSSOForest -OnPremCredentials $creds -PreserveCustomPermissionsOnDesktopSsoAccount`
           
              **Step 1. Get list of AD forests where Seamless SSO has been enabled**
           
@@ -114,10 +114,10 @@ sections:
              3. Repeat the preceding steps for each AD forest that you’ve set up the feature on.
              
             >[!NOTE]
-             >If you are updating a forest, other than the Azure AD Connect one, make sure connectivity to the global catalog server (TCP 3268 and TCP 3269) is available.
+             >If you're updating a forest, other than the Azure AD Connect one, make sure connectivity to the global catalog server (TCP 3268 and TCP 3269) is available.
           
              >[!IMPORTANT]
-             >This does not need to be done on servers running Azure AD Connect in staging mode.
+             >This doesn't need to be done on servers running Azure AD Connect in staging mode.
              >Ensure that you _don't_ run the `Update-AzureADSSOForest` command more than once per forest. Otherwise, the feature stops working until the time your users' Kerberos tickets expire and are reissued by your on-premises Active Directory.
           
       - question: |
@@ -134,11 +134,11 @@ sections:
           
              "Single sign-on is now disabled, but there are other manual steps to perform in order to complete clean-up. [Learn more](tshoot-connect-sso.md#step-3-disable-seamless-sso-for-each-active-directory-forest-where-youve-set-up-the-feature)"
           
-             To complete the clean-up process, follow steps 2 and 3 on the on-premises server where you are running Azure AD Connect.
+             To complete the clean-up process, follow steps 2 and 3 on the on-premises server where you're running Azure AD Connect.
           
              **Option B: Disable using PowerShell**
           
-             Run the following steps on the on-premises server where you are running Azure AD Connect:
+             Run the following steps on the on-premises server where you're running Azure AD Connect:
           
              1. First, download, and install [Azure AD PowerShell](/powershell/azure/active-directory/overview).
              2. Navigate to the `$env:ProgramFiles"\Microsoft Azure Active Directory Connect"` folder.
@@ -149,7 +149,7 @@ sections:
              At this point Seamless SSO is disabled but the domains will remain configured in case you would like to enable Seamless SSO back. If you would like to remove the domains from Seamless SSO configuration completely, call the following cmdlet after you completed step 5 above: `Disable-AzureADSSOForest -DomainFqdn <fqdn>`.
           
              >[!IMPORTANT]
-             >Disabling Seamless SSO using PowerShell will not change the state in Azure AD Connect. Seamless SSO will show as enabled in the **Change user sign-in** page.
+             >Disabling Seamless SSO using PowerShell won't change the state in Azure AD Connect. Seamless SSO will show as enabled in the **Change user sign-in** page.
           
              **Step 2. Get list of AD forests where Seamless SSO has been enabled**
           
