Merge pull request #16908 from MicrosoftDocs/main

Publish main to live, 12/11, 11:00 AM IST
MicrosoftDocs · Dec 11, 2024 · bc8ea12 · bc8ea12
2 parents d003dc9 + 3f15a15
commit bc8ea12
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 78 deletions.
diff --git a/memdocs/intune/user-help/enroll-android-device-disa-purebred.md b/memdocs/intune/user-help/enroll-android-device-disa-purebred.md
@@ -34,14 +34,14 @@ ms.collection:
 
 Enroll your device with the Microsoft Intune app to gain secure, mobile access to your work email, files, and apps. After your device is enrolled, it becomes *managed*, which means your organization can assign policies and apps to the device through a mobile device management (MDM) provider, such as Microsoft Intune.  
 
-During enrollment, you'll also install a derived credential on your device. Your organization might require you to use the derived credential as an authentication method when accessing resources, or for signing and encrypting emails.
+During enrollment, you also install a derived credential on your device. Your organization might require you to use the derived credential as an authentication method when accessing resources, or for signing and encrypting emails.
 
 You likely need to set up a derived credential if you use a smart card to:
 
 * Sign in to school or work apps, Wi-Fi, and virtual private networks (VPN)
 * Sign and encrypt school or work emails using S/MIME certificates
 
-In this article, you will:
+In this article, you learn how to:  
 
 * Enroll a mobile Android device with the Intune app
 * Set up your smart card by installing a derived credential from your organization's derived credential provider, [DISA Purebred](https://public.cyber.mil/pki-pke/purebred/)
@@ -67,156 +67,131 @@ To complete enrollment, you must have:
 * The Microsoft Intune app installed on your device
 * The Purebred app installed on your device (App should automatically install shortly after device setup. If it doesn't, contact your IT support person.)
 
-You'll also need to contact a Purebred agent or representative during setup.
+You must also contact a Purebred agent or representative during setup. 
 
 ## Enroll device  
 
 1. Turn on your new or factory-reset device.  
-2. On the **Welcome** screen, select your language. If you've been instructed to enroll with a QR code or NFC, follow the step below that matches the method.  
+2. On the **Welcome** screen, select your language. If you were instructed to enroll with a QR code or NFC, complete the step that matches the method:    
      * NFC: Tap your NFC-supported device against a programmer device to connect to your organization's network. Follow the onscreen prompts. When you reach the screen for Chrome's Terms of Service, continue to step 5.  
 
      * QR code: Complete the steps in [QR code enrollment](#qr-code-enrollment).  
 
-     If you've been instructed to use another method, continue to step 3.    
+     If you were instructed to use another method, continue to step 3.    
 
 3. Connect to Wi-Fi and tap **NEXT**. Follow the step that matches your enrollment method. 
 
     * Token: When you get to the Google sign-in screen, complete the steps in [Token enrollment](#token-enrollment).  
-    * Google Zero Touch: After you connect to Wi-Fi, your device will be recognized by your organization. Continue to step 4 and follow the onscreen prompts until setup is complete.    
-
-       ![Example image of Google terms screen that you see if you're using Google Zero Touch, highlighting Accept & Continue button.](./media/enroll-android-device-disa-purebred/google-zero-touch-intune-app-01.png)   
+    * Google Zero Touch: After you connect to Wi-Fi, your organization can recognize your device. Continue to step 4 and follow the onscreen prompts until setup is complete.    
 
 4. Review Google's terms. Then tap **ACCEPT & CONTINUE**.  
 
-      ![Example image of Google terms screen, highlighting Accept & Continue button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-04.png)   
-
-5. Review Chrome's Terms of Service. Then tap **ACCEPT & CONTINUE**.  
-
-   ![Example image of Chrome Terms of Service screen, highlighting Accept & Continue button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-06.png)   
+5. Review Chrome's Terms of Service. Then tap **ACCEPT & CONTINUE**.   
 
 6. On the sign-in screen, tap **Sign-in options** and then **Sign in from another device**. 
 
 7. Write down the onscreen code.  
 
-8. Switch to your smart card-enabled device and go to the web address that's shown on your screen. 
+8. Switch to your smart card-enabled device and go to the web address that appears on your screen. 
 
-9. Enter the code you previously wrote down.
-
-   > [!div class="mx-imgBorder"]
-   > ![Screenshot of the Company Portal website "Enter code" prompt.](./media/enroll-android-device-disa-purebred/enter-code-intercede.png)
+9. Enter the code you previously wrote down.  
 
 10. Insert your smart card to sign in. 
 
 11. On the sign-in screen, select your work or school account. Then switch back to your mobile device. 
 
 12. Depending on your organization's requirements, you might be prompted to update settings, such as screen lock or encryption. If you see these prompts, tap **SET** and follow the onscreen instructions.  
 
-       ![Example image of Set up your work phone screen, highlighting Set button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-10.png)   
-
 13. To install work apps on your device, tap **INSTALL**. After installation is complete, tap **NEXT**.  
-
-       ![Example image of Set up your work phone screen, highlighting Install button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-11.png)   
-
 14. Tap **START** to open the Microsoft Intune app. 
 
-    ![Example image of Set up your work phone screen, highlighting Start button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-17.png)   
-
 15. Return to the Intune app on your mobile device and follow the onscreen instructions until enrollment is done. 
 
-    ![Example image of Set up access, register your device screen, highlighting Done button.](./media/enroll-android-device-disa-purebred/fully-managed-intune-app-19.png)   
-
 16. Continue to the [set up your smart card](enroll-android-device-disa-purebred.md#set-up-smart-card) section in this article to finish setting up your device.  
 
 ### QR code enrollment  
-In this section, you'll scan your company-provided QR code.  When you're done, we'll redirect you back to the device enrollment steps.     
+In this section, you scan your company-provided QR code. When you're done, we'll redirect you back to the device enrollment steps.     
 
 1. On the **Welcome** screen, tap the screen five times to start QR code setup.  
-
-   ![Example image of device setup Welcome screen, highlighting instructions to tap screen.](./media/enroll-android-device-disa-purebred/qr-code-intune-app-01.png)  
-
 2. Follow any onscreen instructions to connect to Wi-Fi.  
-3. If your device doesn't have a QR code scanner, the setup screens will show the progress as a scanner is installed. Wait for installation to complete.  
-4. When prompted, scan the enrollment profile QR code that your organization gave you.  
-5. Return to [Enroll device](#enroll-device), step 4 to continue setup.  
+3. If your device doesn't have a QR code scanner, the setup screens show the installation progress as a scanner installs. Wait for installation to complete.  
+4. Scan the enrollment profile QR code that your organization gave you.  
+5. Return to [Enroll device](#enroll-device) > step 4 to continue setup.  
 
 ### Token enrollment  
-In this section, you'll enter your company-provided token. When you're done, we'll redirect you back to the device enrollment steps.  
-
-1. On the Google sign-in screen, in the **Email or phone** box, type **afw#setup**. Tap **Next**. 
+In this section, you enter your company-provided token. When you're done, we'll redirect you back to the device enrollment steps.  
 
-   ![Example image of Google sign-in screen, showing that "afw#setup" is typed into field.](./media/enroll-android-device-disa-purebred/token-intune-app-01.png)   
+1. On the Google sign-in screen, in the **Email or phone** box, type **afw#setup**. Tap **Next**.  
 
-2. Choose **Install** for the **Android Device Policy** app. Continue through the installation. Depending on your device, you might need to review and accept additional terms.    
+2. Choose **Install** for the **Android Device Policy** app. Continue through the installation. Depending on your device, you might need to review and accept other terms.    
 
 3. On the **Enroll this device** screen, select **Next**.  
 
 4. Select **Enter code**.  
 
-5. On the **Scan or enter code** screen, type in the code that your organization gave you.  Then click **Next**.  
-
-   ![Example image of Scan or enter code screen, highlighting Next button.](./media/enroll-android-device-disa-purebred/token-intune-app-04.png)  
+5. On the **Scan or enter code** screen, type in the code that your organization gave you. Then click **Next**.  
 
-6. Return to [Enroll device](#enroll-device), step 4 to continue setup.
+6. Return to [Enroll device](#enroll-device) > step 4 to continue setup.
 
 
 ## Set up smart card  
 
 > [!NOTE]
-> The Purebred app is required to complete these steps and will automatically install on your device after enrollment. If you still don't have the app after waiting a short while, contact your IT support person.  
+> The Purebred app is required to complete these steps and automatically installs on your device after enrollment. If you still don't have the app after waiting a short while, contact your IT support person.  
 
-1. After enrollment is complete, the Intune app will notify you to set up your smart card. Tap the notification. If you don't get a notification, check your email.
+1. After enrollment is complete, the Intune app prompts you to set up your smart card via a notification. Tap the notification. If you don't get a notification, check your email.  
 
    > [!div class="mx-imgBorder"]
    > ![Screenshot of the Intune app push notification on device home screen.](./media/enroll-android-device-disa-purebred/action-required-in-app-android.png)
 
 2. On the **Set up smart card** screen:
 
-   1. Tap the link to your organization's setup instructions and review them. If your organization doesn't provide additional instructions, you'll be sent to this article.
+   1. Tap the link to your organization's setup instructions and review them. If your organization doesn't provide other instructions, you're sent to this article.
 
    2. Tap **BEGIN**.   
 
    > [!div class="mx-imgBorder"]
    > ![Screenshot of the Intune app, Set up smart card screen.](./media/enroll-android-device-disa-purebred/smart-card-open-disa-purebred-android.png)
 
-3. On the **Get certificates** screen, tap **LAUNCH PUREBRED** to open the Purebred app. (The app should have been installed automatically on your device. If you don't have it, contact your support person.)  
+3. On the **Get certificates** screen, tap **LAUNCH PUREBRED** to open the Purebred app. (The app should be on your device already, because it installs automatically. If you don't have it, contact your support person.)  
 
    > [!div class="mx-imgBorder"]
    > ![Screenshot of the Intune app prompt to open DISA Purebred app.](./media/enroll-android-device-disa-purebred/open-app-prompt-disa-purbred-android.png)  
 
-4. The Purebred app might need additional permissions from you in order to run properly. Tap **Allow** or **Allow all the time** when prompted. For more information about why these permissions are required, speak with your support person or Purebred agent.  
+4. The Purebred app might need other permissions from you in order to run properly. Tap **Allow** or **Allow all the time** when prompted. For more information about why these permissions are required, speak with your support person or Purebred agent.  
 
 5. Once you're in the Purebred app, work with your organization's Purebred agent to download and install the certificates you need to access work or school resources.
 
     > [!IMPORTANT]
     > During this process, tap **OK** or **Install** when prompted. Don't change the names of any certificate authorities (CAs) or certificates that you're prompted to install.    
 
-6. After installation is complete, you'll receive a notification that your certificates are ready. Tap the notification to return to the Intune app.
+6. After installation is complete, you receive a notification that your certificates are ready. Tap the notification to return to the Intune app.
 
     > [!div class="mx-imgBorder"]
-    > ![Screenshot of the "Allow access to certificates" screen](./media/enroll-android-device-disa-purebred/certificates-ready-prompt-disa-purbred-android.png)
+    > ![Screenshot of the Allow access to certificates screen](./media/enroll-android-device-disa-purebred/certificates-ready-prompt-disa-purbred-android.png)
 
-7. From the **Allow access to certificates** screen, you'll give the Intune app permission to access the derived credential you got from DISA Purebred. This step ensures that your organization can verify your identity whenever you access protected work or school resources.  
+7. From the **Allow access to certificates** screen, give the Intune app permission to access the derived credential you got from DISA Purebred. This step ensures that your organization can verify your identity whenever you access protected work or school resources.  
 
     1. Tap **NEXT**.
 
        > [!div class="mx-imgBorder"]
-       > ![Screenshot of the "Certificates are ready" prompt](./media/enroll-android-device-disa-purebred/certificates-access-disa-purbred-android.png)
+       > ![Screenshot of the Certificates are ready prompt](./media/enroll-android-device-disa-purebred/certificates-access-disa-purbred-android.png)
 
     2. When you're prompted to **Choose certificate**, don't change the selection. The correct certificate is already selected, so just tap **Select** or **OK**.  
 
        > [!div class="mx-imgBorder"]
-       > ![Screenshot of the "Choose certificate" prompt](./media/enroll-android-device-disa-purebred/choose-certificates-prompt-disa-purbred-android.png)
+       > ![Screenshot of the Choose certificate prompt](./media/enroll-android-device-disa-purebred/choose-certificates-prompt-disa-purbred-android.png)
 
     3. Your derived credential is made up of multiple certificates, so you might see the **Choose certificate** prompt multiple times. Repeat the previous step until no more prompts appear.  
 
-8. Once all of the certificates are processed, wait for the Intune app to finish setting up your device. You'll know setup is complete when you see the **You're all set!** screen.  
+8. Once all of the certificates are processed, wait for the Intune app to finish setting up your device. You know setup is complete when you see the **You're all set!** screen.  
 
     > [!div class="mx-imgBorder"]
-    > ![Screenshot of the "You're all set" screen](./media/enroll-android-device-disa-purebred/all-set-android.png)
+    > ![Screenshot of the You're all set screen](./media/enroll-android-device-disa-purebred/all-set-android.png)
 
 ## Next steps
 
-After enrollment is complete, you'll have access to work resources, such as email, Wi-Fi, and any apps that your organization makes available. For more information about how to get, search for, install, and uninstall apps in the Intune app see:
+After enrollment is complete, you have access to work resources, such as email, Wi-Fi, and any apps that your organization makes available. For more information about how to get, search for, install, and uninstall apps in the Intune app see:
 
 * [Use managed apps on your device](use-managed-apps-on-your-device-android.md)  
 * [Manage apps from the Company Portal website](manage-apps-cpweb.md)