deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-22 13:53:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updated the Domain Controller requirements:

Browse Source 
added minimum hash, and public key.
This commit is contained in:
Steven Hosking
2020-09-08 11:01:27 +10:00
parent 7ef8e9ff45
commit 7ba3548021
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
View File

@ -80,6 +80,8 @@ Windows Hello for Business enforces the strict KDC validation security feature,
- Use the **Kerberos Authentication certificate template** instead of any other older template. - Use the **Kerberos Authentication certificate template** instead of any other older template.
- The domain controller's certificate has the **KDC Authentication** enhanced key usage. - The domain controller's certificate has the **KDC Authentication** enhanced key usage.
- The domain controller's certificate's subject alternate name has a DNS Name that matches the name of the domain. - The domain controller's certificate's subject alternate name has a DNS Name that matches the name of the domain.
- The domain controller's certificate's signature hash algorithm is **sha256**.
- The domain controller's certificate's public key is **RSA (2048 Bits)**.
> [!Tip] > [!Tip]