credential roaming

About this tag
Credential roaming is a Windows feature that allows Active Directory Domain Services to roam user certificates and private keys across domain-joined machines. However, it has been associated with security vulnerabilities and performance issues. A notable vulnerability, CVE-2022-30170, affects the Windows Credential Roaming Service on Windows Server 2022, 23H2 Edition, enabling elevation of privilege. Microsoft recommends patching to mitigate this risk. Additionally, enabling credential roaming can cause the AD DS database to grow significantly, leading to LDAP query delays and replication problems. Discussions on WindowsForum cover these security concerns and the operational impact of credential roaming in enterprise environments.
  1. CVE-2022-30170: Elevation of Privilege Vulnerability in Windows Server 2022

    The recent disclosure of CVE‑2022‑30170—a vulnerability in the Windows Credential Roaming Service that enables elevation of privilege—has sent ripples throughout the Windows community. The flaw, which can be exploited to escalate user rights, now specifically affects Windows Server 2022, 23H2...
  2. Roaming User Names and Password using Credential Roaming

    Credential Roaming allows organizations to use Active Directory Domain Services (AD DS) to roam a user’s certificates and private keys to any machine the user logs onto with their domain account. For more information about this feature visit... Link Removed
  3. AD DS database size increases significantly when the Credential Roaming feature is enabled in Window

    Fixes an issue in which AD DS database size increases significantly after you enable the Credential Roaming feature in a domain. Additionally, you may experience issues such as LDAP query delays and replication delays. More...