Windows validating identity parenting advice to adults who have teenagers of dating age
To learn more about Azure AD Connect, read Integrate your on-premises directories with Azure Active Directory.
If you upgraded your Active Directory schema to the Windows Server 2016 schema after installing Azure AD Connect, run Azure AD Connect and run Refresh directory schema from the list of tasks.
The preceding domain controller certificate shows a CRL distribution path (CDP) using Active Directory.
You can determine this because the value in the URL begins with ldap.
The easiest solution is to publish the CRL distribution point on a web server that uses HTTP (not HTTPS).
If your CRL distribution point does not list an HTTP distribution point, then you need to reconfigure the issuing certificate authority to include an HTTP CRL distribution point, preferably first in the list of distribution points.
, specify a default verification method and choose which method should be used to verify signatures; this default method or the method specified in the document.
If the distribution point changes, then previously issued certificates must be reissued for the certificate authority to include the new CRL distribution point.
Unlike hybrid Azure AD joined devices, Azure AD joined devices do not have a relationship with your Active Directory domain.
This factor changes the way in which users authenticate to Active Directory.
This becomes a circular problem as the user is attempting to authenticate, but must read Active Directory to complete the authentication, but the user cannot read Active Directory because they have not authenticated.
To resolve this issue, the CRL distribution point must be a location that is accessible by Azure Active Directory joined devices that does not require authentication.
For more information about device registration, read Introduction to device management in Azure Active Directory.