This article applies to:
Provides information about setting up your Microsoft Active Directory domain and Active Directory Certificate Services (ADCS) to enable certificate enrollment including enroll on behalf of and auto-enrollment for user login on Windows systems using the YubiKey as a smart card. It also covers creation of a per device PIN Unlock Key (PUK) in the event a user forgets or incorrectly enters their PIN.
Date Published: March, 2018
Download: YubiKey Smart Card Deployment Guide