MicrosoftDocs
diff --git a/‎articles/active-directory/authentication/howto-registration-mfa-sspr-combined.md
Lines changed: 17 additions & 17 deletions b/‎articles/active-directory/authentication/howto-registration-mfa-sspr-combined.md
Lines changed: 17 additions & 17 deletions
diff --git a/‎articles/active-directory/authentication/media/howto-registration-mfa-sspr-combined/require-registration-from-trusted-location.png
10.5 KB b/‎articles/active-directory/authentication/media/howto-registration-mfa-sspr-combined/require-registration-from-trusted-location.png
10.5 KB
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 04/15/2020
+ms.date: 04/17/2020
 
 ms.author: iainfou
 author: iainfoulds
@@ -44,34 +44,34 @@ If you have configured the Site to Zone Assignment List in Internet Explorer, th
 
 ## Conditional Access policies for combined registration
 
-Securing when and how users register for Azure Multi-Factor Authentication and self-service password reset is now possible with user actions in Conditional Access policy. This feature is available to organizations who have enabled the [combined registration feature](../authentication/concept-registration-mfa-sspr-combined.md). This functionality may be enabled in organizations where they want users to register for Azure Multi-Factor Authentication and SSPR from a central location such as a trusted network location during HR onboarding. For more information about creating trusted locations in Conditional Access, see the article [What is the location condition in Azure Active Directory Conditional Access?](../conditional-access/location-condition.md#named-locations)
+Securing when and how users register for Azure Multi-Factor Authentication and self-service password reset is now possible with user actions in Conditional Access policy. This feature is available to organizations who have enabled the [combined registration feature](../authentication/concept-registration-mfa-sspr-combined.md). This functionality may be enabled in organizations where they want users to register for Azure Multi-Factor Authentication and SSPR from a central location such as a trusted network location during HR onboarding.
 
-### Create a policy to require registration from a trusted location
+For more information about creating trusted locations in Conditional Access, see the article [What is the location condition in Azure Active Directory Conditional Access?](../conditional-access/location-condition.md#named-locations)
 
-The following policy applies to all selected users, who attempt to register using the combined registration experience, and blocks access unless they are connecting from a location marked as trusted network.
+### Create a policy to require registration from a trusted location
 
-![Create a CA policy to control security info registration](media/howto-registration-mfa-sspr-combined/require-registration-from-trusted-location.png)
+The following policy applies to all selected users that attempt to register using the combined registration experience, and blocks access unless they are connecting from a location marked as trusted network.
 
 1. In the **Azure portal**, browse to **Azure Active Directory** > **Security** > **Conditional Access**
-1. Select **New policy**
-1. In Name, Enter a Name for this policy. For example, **Combined Security Info Registration on Trusted Networks**
-1. Under **Assignments**, click **Users and groups**, and select the users and groups you want this policy to apply to
+1. Select **+ New policy**
+1. Enter a name for this policy, such as *Combined Security Info Registration on Trusted Networks*.
+1. Under **Assignments**, select **Users and groups**. Choose the users and groups you want this policy to apply to, then select **Done**.
 
    > [!WARNING]
-   > Users must be enabled for [combined registration](../authentication/howto-registration-mfa-sspr-combined.md).
+   > Users must be enabled for combined registration.
+
+1. Under **Cloud apps or actions**, select **User actions**. Check **Register security information**, then select **Done**.
+
+    ![Create a conditional access policy to control security info registration](media/howto-registration-mfa-sspr-combined/require-registration-from-trusted-location.png)
 
-1. Under **Cloud apps or actions**, select **User actions**, check **Register security information (preview)**
-1. Under **Conditions** > **Locations**
+1. Under **Conditions** > **Locations**, configure the following options:
    1. Configure **Yes**
    1. Include **Any location**
    1. Exclude **All trusted locations**
-   1. Click **Done** on the Locations blade
-   1. Click **Done** on the Conditions blade
-1. Under **Access controls** > **Grant**
-   1. Click **Block access**
-   1. Then click **Select**
+1. Select **Done** on the *Locations* window, then select **Done** on the *Conditions* window.
+1. Under **Access controls** > **Grant**, choose **Block access**, then **Select**
 1. Set **Enable policy** to **On**
-1. Then click **Create**
+1. To finalize the policy, select **Create**
 
 ## Next steps