Active Directory Windows 11

Windows 11 mandates TPM 2.0. This benefits AD by ensuring that BitLocker keys and virtual smart cards are stored in a hardware-protected environment. This mitigates the risk of credential theft (pass-the-hash attacks) which has historically plagued NTLM-authenticated AD environments.