Hi All,
In light of Microsoft security updates KB5014754: Certificate-based authentication changes on Windows domain controllers and the 2/12/2025 KB5051979 which toggled Full Enforcement Mode as promised for February 2025 (which you can temporarily delay until September 2025):
What is Jamf's best practice guidance for implementation of Jamf SCEP Proxy? SCEP requests issued using the proxy supply RFC822 name in SCEP request and utilize a certificate template that allows that - but the resulting certificate does not have the necessary SID to work with the new Microsoft security posture outlined in the the security updates.
Any thoughts or guidance from anyone? Thanks!
