Microsoft AD DS domain controllers, Microsoft AD CS CA servers, Microsoft AD FS servers and Microsoft Entra Connect servers are only used for their designed role and no other applications or services are installed, unless they are security related.
Topic
Microsoft Active Directory services
Applicable to
all
History
Sep 2024
Microsoft AD DS domain controllers, Microsoft AD CS CA servers, Microsoft AD FS servers and Microsoft Entra Connect servers are only used for their designed role and no other applications or services are installed, unless they are security related.
A new control was added recommending that Microsoft Active Directory Domain Services (AD DS) domain controllers, Microsoft Active Directory Certificate Services (AD CS) Certification Authority (CA) servers, Microsoft Active Directory Federation Services (AD FS) servers and Microsoft Entra Connect servers be only used for their designated role and no other applications or services are to be installed, unless they are security related.