add notes.

Author: Deland-Han

support/windows-server/active-directory/troubleshoot-ad-fs-sso-issue.md

@@ -114,11 +114,14 @@ If the application is Microsoft Online Services, what you experience may be cont
 
    ```powershell
    Connect-MgGraph -scopes Domain.ReadWrite.All, Directory.ReadWrite.All
-   $tdo= Get-MgDomainFederationConfiguration -DomainID <domain_id>
-   Update-MgDomainFederationConfiguration -DomainId <domain_id> -InternalDomainFederationId $tdo.Id -PromptLoginBehavior <translateToFreshPasswordAuthentication|nativeSupport|disabled>
+   $tdo= Get-MgDomainFederationConfiguration -DomainID <domain_to_manage>
+   Update-MgDomainFederationConfiguration -DomainId <domain_to_manage> -InternalDomainFederationId $tdo.Id -PromptLoginBehavior <translateToFreshPasswordAuthentication|nativeSupport|disabled>
    Disconnect-MgGraph
    ```
 
+   > [!NOTE]
+   > \<domain_to_manage> is a placeholder for your domain's name. For example, contoso.com.
+
    The values for the PromptLoginBehavior parameter are:
 
    1. **translateToFreshPasswordAuth**: Microsoft Entra ID sends wauth and wfresh to AD FS instead of prompt=login. This leads to an authentication request to use forms-based authentication.
@@ -214,9 +217,12 @@ If the application that you want to access is Microsoft Online Services for Offi
 
    ```powershell
    Connect-MgGraph -scopes Domain.ReadWrite.All, Directory.ReadWrite.All
-   Get-MgDomainFederationConfiguration -DomainId <domain_id> | FL *
+   Get-MgDomainFederationConfiguration -DomainId <domain_to_manage> | FL *
    ```
 
+   > [!NOTE]
+   > \<domain_to_manage> is a placeholder for your domain's name. For example, contoso.com.
+
 2. If the SupportsMFA setting is FALSE, set it to TRUE by running the following command:  
 
    ```powershell