Event banner

AD CS enhancements, innovations, and security

Event Ended
Tuesday, Apr 29, 2025, 11:30 AM PDT
Online

Event details

Explore the latest innovations in Active Directory Certificate Services (AD CS) as we delve into key areas such as CRL partitioning, the 4K extension limit, enhanced CA audit events, and ADCS security hardening techniques. Join us for an in-depth discussion on these topics and learn how to leverage them in your AD CS deployments.

Speakers: Tanya Jha, Thirunadha Reddy

 

This session is part of Windows Server Summit 2025. Have a question? Q&A is open throughout the week. Post your questions and feedback in the Comments below.

 

Pearl-Angeles
Updated Apr 29, 2025

12 Comments

Comments have been turned off for this event
  • Tanya_Jha's avatar
    Tanya_Jha
    Icon for Microsoft rankMicrosoft
    Apr 29, 2025

    Thanks for joining us for Windows Server Summit! If you have any feedback about AD, AD CS or about this session, please email ADFeedback@microsoft.com

    Here’s a list of all the links we discussed during today's session:

    1. Install the necessary Windows Updates to enable the 4K to 16K expansion: aka.ms/CertExtensionLimit
    2. All the CA audit events are documented here – aka.ms/MonitorPKI
    3. Securing Certificate Templates: Learn more at aka.ms/SecureCertTemplates
    4. Mitigating NTLM Relay Attacks on AD CS​: Apply mitigation steps published at aka.ms/KB5005413
    5. Strong Certificate Mappings:

    ​Thank you!

  • Tanya_Jha's avatar
    Tanya_Jha
    Icon for Microsoft rankMicrosoft
    Apr 29, 2025

    We are actively working on adding PQC support to ADCS. Please stay tuned to official Microsoft announcements for updates!

  • Heather_Poulsen's avatar
    Heather_Poulsen
    Icon for Community Manager rankCommunity Manager
    Apr 29, 2025

    Welcome to AD CS enhancements, innovations, and security and Windows Server Summit 2025! Have a question? Post it here in the Comments so we can help. Let’s make this an active Q&A!

    If you prefer, you can also watch it on LinkedIn: AD CS enhancements, innovations, and security | LinkedIn

    All of today's sessions will be available on demand immediately after airing. You'll see auto-generated captions during our live broadcasts, and we will update those with human-generated captions by the end of the week. Q&A will be live during the sessions, and we'll leave it open through the end of the week.

    • Tanya_Jha's avatar
      Tanya_Jha
      Icon for Microsoft rankMicrosoft
      Apr 29, 2025

      At this time, we haven’t evaluated that specifically, but I appreciate you raising it. I’ll make sure to capture this feedback and share it with my team for consideration!

    • PatrickI's avatar
      PatrickI
      Copper Contributor
      Apr 22, 2025

      Already available on GitHub (2 versions). for example, https://github.com/glatzert/ACME-Server-ADCS

      • CharlesFCPC's avatar
        CharlesFCPC
        Brass Contributor
        Apr 24, 2025

        Yes there are already custom tooled OSS solutions out on GitHub, but lots of enterprises would much rather have an in-box supported solution that gets installed with/along side ADCS.

  • poliveirasilva's avatar
    poliveirasilva
    Copper Contributor
    Apr 15, 2025

    Is there a timeline for AD CS to support Post Quantum Cryptography (PQC)? What AD CS roles will support PQC?

Date and Time
Apr 29, 202511:30 AM - 12:00 PM PDT