deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fixed capitalization

Browse Source
This commit is contained in:
Paolo Matarazzo 2024-06-20 14:22:33 -04:00
parent 90f84e45af
commit ee977cd5ee
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/identity-protection/credential-guard/considerations-known-issues.md
View File

@ -130,7 +130,7 @@ Devices that use CredSSP-based Delegation might no longer be able to use [Live M
||Description|
|-|-|
| **Affected devices**|Any server with Credential Guard enabled might encounter this issue. Starting in Windows Server 2025 (preview), [Credential Guard is enabled by default](index.md#default-enablement-on-windows-server) on all domain-joined servers that aren't Domain Controllers. Default enablement of Credential Guard can be [preemptively blocked](configure.md#default-enablement) before upgrade.|
| **Affected devices**|Any server with Credential Guard enabled might encounter this issue. Starting in Windows Server 2025 (preview), [Credential Guard is enabled by default](index.md#default-enablement-on-windows-server) on all domain-joined servers that aren't domain controllers. Default enablement of Credential Guard can be [preemptively blocked](configure.md#default-enablement) before upgrade.|
| **Cause of the issue**|Live Migration with Hyper-V, and applications and services that rely on it, are affected by the issue if one or both ends of a given connection try to use CredSSP with Credential Guard enabled. With Credential Guard enabled, CredSSP can only utilize supplied credentials, not saved or SSO credentials. <br><br>If the source machine of a Live Migration uses CredSSP for delegation with Credential Guard enabled, the Live Migration fails. In most cases, Credential Guard's enablement state on the destination machine won't impact Live Migration. Live Migration also fails in cluster scenarios (for example, SCVMM), since any device might act as a source machine.|
| **Resolution**|Instead of CredSSP Delegation, [Kerberos Constrained Delegation and Resource-Based Kerberos Constrained Delegation](/windows-server/security/kerberos/kerberos-constrained-delegation-overview) are recommended. These forms of delegation provide greater credential protections, in addition to being compatible with Credential Guard. Administrators of Hyper-V can [configure these types of delegation](/windows-server/virtualization/hyper-v/deploy/set-up-hosts-for-live-migration-without-failover-clustering#BKMK_Step1) manually or with the help of automated scripts.|

2
windows/security/identity-protection/credential-guard/index.md
View File

@ -55,7 +55,7 @@ Devices running Windows Server 2025 (preview) or later have Credential Guard ena
- Meet the [hardware and software requirements](#system-requirements)
- Aren't [explicitly configured to disable Credential Guard](configure.md#default-enablement)
- Are joined to a domain
- Aren't a Domain Controller
- Aren't a domain controller
> [!IMPORTANT]
> For information about known issues related to default enablement, see [Credential Guard: known issues](considerations-known-issues.md#known-issues).