Share via

I am trying to find the update patch file for KB5014754, but i can't find it even in windows update catalog

Anonymous
2024-08-08T14:09:36+00:00

Do you know what is the patch that superseded KB5014754? if we can't find the patches

is it we need to do the 2 steps then will be ok?

  1. Set the time range that a certificate can predate an account to 10 years. CISA recommends this value to ensure complete coverage of active certificates. Agencies may also determine their own value (PIV/CAC certificates are valid for three years).
Registry Subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kdc
Value CertificateBackdatingCompensation
Data Type REG_DWORD
Data 0x12CC0300

2.Set the enforcement mode to 1 (Compatibility). This is the default value after installation. If enforcement is set to 2 (Full Enforcement), all authentication events without SID or strong mappings will fail.

Registry Subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kdc
Value StrongCertificateBindingEnforcement
Data Type REG_DWORD
Data 1

Regards

Vince

Windows for business | Windows Server | Directory services | Certificates and public key infrastructure (PKI)

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-08-09T06:29:37+00:00

    Hi Vince ng1,

    Thank you for posting in the Microsoft Community Forums.

    KB5014754: Certificate-based authentication changes on Windows domain controllers - Microsoft Support

    Best regards

    Neuvi

    0 comments
  2. Anonymous
    2024-08-09T12:25:05+00:00

    Hi Neuvi

    This is not the one i wanted, i wanted the executable file for KB5014754

    Regards

    HanSeng

    1 person found this answer helpful.
    0 comments