KB5014754: Certificate-based authentication changes on Windows domain controllers. No Certificate authority

VinceV2022 65 Reputation points
2025-02-26T22:00:30.4766667+00:00

Does this KB apply to an organization that does not have PKI servers?

In reading the KB announcement it mentions, "Update all servers that run Active Directory Certificate Services and Windows domain controllers that service certificate-based authentication with the May 10, 2022 update"

We have no servers running ADCS and we aren't doing certificate-based authentication.

Can we let the StrongCertificateBindingEnforcement value be enabled without issues?

Windows Server 2019

Accepted answer
  1. Molly Lu-MSFT 1,101 Reputation points Microsoft Vendor
    2025-02-27T06:05:38.82+00:00

    Hello,

    Thank you for posting in Microsoft Q&A.

    Based on the description, I understand your question is related to KB5014754.

    KB5014754 is "Certificate-based authentication changes on Windows domain controllers". If your organization does not have Public Key Infrastructure (PKI) servers and does not use certificate-based authentication, the update's primary changes may not directly impact you.

    Since you are not using this type of authentication, enabling this value should not cause issues in your environment. It is still recommended to monitor your systems after making such changes to ensure there are no unexpected behaviors.

    Have a nice day.

    Best Regards,

    Molly

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it
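
One way to do the monitoring the answer above recommends, as an added example that is not part of the original answer or a Microsoft-supplied script: it lists any enterprise CAs published in the forest, then reads `StrongCertificateBindingEnforcement` on each domain controller and pulls the KDC audit events 39, 40 and 41 that KB5014754 documents. It assumes the RSAT ActiveDirectory module, PowerShell remoting to the DCs, and a 30-day look-back window chosen for illustration.

```powershell
# Added example. Registry path, value name and event IDs 39/40/41 are from KB5014754.
# Assumptions: RSAT ActiveDirectory module, WinRM reachable on every DC, 30-day window.
Import-Module ActiveDirectory

$since = (Get-Date).AddDays(-30)
$modes = @{ 0 = 'Disabled'; 1 = 'Compatibility'; 2 = 'Full Enforcement' }

# 1. Enterprise CAs published in the forest; none are expected if AD CS was never deployed.
$pkiBase = "CN=Public Key Services,CN=Services,$((Get-ADRootDSE).configurationNamingContext)"
$cas = @(Get-ADObject -SearchBase $pkiBase -LDAPFilter '(objectClass=pKIEnrollmentService)' `
             -Properties dNSHostName -ErrorAction SilentlyContinue)
"Enterprise CAs published in AD: $($cas.Count)"
$cas | ForEach-Object { "  $($_.Name) on $($_.dNSHostName)" }

# 2. Per DC: current enforcement value plus any certificate-mapping audit events.
$report = foreach ($dc in Get-ADDomainController -Filter *) {
    Invoke-Command -ComputerName $dc.HostName -ArgumentList $since -ScriptBlock {
        param($since)
        $val = (Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Kdc' `
                    -Name StrongCertificateBindingEnforcement `
                    -ErrorAction SilentlyContinue).StrongCertificateBindingEnforcement
        # Other providers can reuse these IDs in the System log, so keep only KDC entries.
        $events = @(Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 39, 40, 41
                        StartTime = $since } -ErrorAction SilentlyContinue |
                    Where-Object ProviderName -match 'Key-Distribution-Center|Kdcsvc')
        [pscustomobject]@{ Enforcement = $val; Events = $events }
    }
}

# 3. Summarize; any event listed means a certificate logon reached that DC.
foreach ($r in $report) {
    $mode = if ($null -eq $r.Enforcement) { 'not set (OS default applies)' }
            else { "$($r.Enforcement) ($($modes[[int]$r.Enforcement]))" }
    '{0}: StrongCertificateBindingEnforcement = {1}; KDC events 39/40/41 since {2:d}: {3}' -f `
        $r.PSComputerName, $mode, $since, @($r.Events).Count
    $r.Events | Select-Object TimeCreated, Id, Message | Format-List
}
```

No published CAs and no 39/40/41 events on any DC over the window is consistent with the "no certificate-based authentication" premise in the question; any hit identifies the account and certificate that would be affected by enforcement.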
