MC512168 – Date changes for new certificate-based authentication requirements on domain controllers (archived)

Admin impact, Stay Informed, Windows

check before: 2023-02-20

Product:

Office 365 general

Platform:

World tenant

Status:

Change type:

Admin impact

Links:

Details:

Date changes for new certificate-based authentication requirements on domain controllers

New security requirements are coming to Windows Servers. These changes increase certificate mapping security requirements to address vulnerabilities discussed in CVE-2022-26923 and others. Servers that run Active Directory Certificate Services, as well as Windows domain controllers that service certificate-based authentication, will need to meet new certificate mapping requirements in order for authentication operations to succeed. Administrators should be aware of two key dates in 2023:

April 11, 2023: Updates released after this date will remove the ability to allow domain controllers to continue relying on weak certificate mapping, known as Disabled mode.
November 14, 2023: Updates released after this date will mandate that the new certificate security requirements are met, known as Full Enforcement mode.

Beginning with updates released May 10, 2022 and later, warning messages are logged for authentication scenarios that will fail once the new security requirements are in place. This can help administrators identify compatibility issues ahead of the November 14, 2023 date. To help protect your environment, update all servers with the May 10, 2022 or later security release, and enable Full Enforcement mode on all domain controllers if no audit error logs are created on domain controllers.

For more information, see KB5014754 - Certificate-based authentication changes on Windows domain controllers.

When will this happen:
Starting April 11, 2023, Disabled mode will be removed. Starting November 14, 2023, domain controllers must use Full Enforcement mode. Please note, this was changed from a previously announced date in May.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2023-02-07

updated:
2023-02-07

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Get a Plan

Last updated 3 months ago

MC713420 - (Updated) Microsoft Viva Engage and… 7. February 2024 Administration check before: 2024-02-21 Product: Microsoft Viva, Microsoft Viva Engage, Outlook, Power Automate, SharePoint, Teams, Yammer Platform: Android, Developer, iOS, Web, Windows Desktop, World tenant Status: In development Change type: Admin impact, Feature update, Updated message,…
MC719656 - Date Dividers: New Copilot for Microsoft… 27. February 2024 Copilot check before: 2024-03-12 Product: Copilot, Microsoft 365 Copilot, Teams Platform: mobile, Web, World tenant Status: Change type: New feature, Updated message, User impact Links: Details: Microsoft Copilot for Microsoft 365 in Microsoft Teams Chat, Channel,…
383533 - Outlook: Collapsible Date Headers on… 15. February 2024 General Availability check before: 2024-03-01 Product: Outlook Platform: US Instances, Web, Windows Desktop, World tenant Status: Rolling out Change type: Links: Details: You now can collapse and expand the date headers in the Message List when you've…
380187 - Microsoft Viva: Viva Learning - Date and… 25. January 2024 Android check before: 2024-06-01 Product: Microsoft Viva, Microsoft Viva Learning Platform: Android, iOS, Mac, Web, Windows Desktop, World tenant Status: In development Change type: Links: Details: All the dates that appear in Viva Learning will match…
MC715681 - Microsoft Teams for Windows is… 14. February 2024 Administration check before: 2024-02-28 Product: Entra, Teams Platform: World tenant, Online Status: Change type: User impact, Admin impact, Retirement Links: Details: Microsoft Teams for Windows is discontinuing support for the legacy ADAL Authentication SDK. Organizations that…
MC718260 - Microsoft Entra ID: Authentication… 22. February 2024 Administration check before: 2024-03-07 Product: Azure Active Directory, Entra, Entra ID, Microsoft 365 Apps Platform: Android, iOS, Mac, mobile, US Instances, Web, Windows Desktop, World tenant Status: In development Change type: Feature update, User impact, Admin…

You must be logged in to post a comment.

Share to MS Teams

MC512168 – Date changes for new certificate-based authentication requirements on domain controllers (archived)

check before: 2023-02-20

Related Posts:

Leave a Reply

cloudscout.one

Schierding.one GmbH

become an evergreen hero

Hey there! We've got some great news - our Basic Plus plan has everything you need to succeed, and it's completely free! So, don't hesitate - take advantage of this amazing opportunity today!

Welcome Back, We Missed You!