Update Workflows/Windows/Windows Server/Roles/Active Directory Certificate Services/Deployment.md

Workflows/Windows/Windows Server/Roles/Active Directory Certificate Services/Deployment.md

@@ -11,12 +11,13 @@ This document outlines the Microsoft-recommended best practices for deploying a
     - You should give it at least 4GB of RAM.  
     - [Change the edition of Windows Server from "**Evaluation**" to "**Standard**" via DISM](https://docs.bunny-lab.io/Workflows/Windows/Change%20Windows%20Edition/) 
     - Ensure the server is fully updated  
-    - Ensure the server is activated
+    - [Ensure the server is activated](https://docs.bunny-lab.io/Workflows/Windows/Change%20Windows%20Edition/#force-activation-edition-switcher)
     - Ensure the timezone is correctly configured
     - Ensure the hostname is correctly configured
 
-### Offline Root CA `LAB-CA-01` Setup
-- Provision the non-domain-joined Windows Server
+### Offline Root CA `LAB-CA-01` Role Deployment
+- Provision a **non-domain-joined** Windows Server
+    - This is critical that this device is not domain-joined for security purposes
 - Navigate to "**Server Manager > Manage > Add Roles and Features**"
     - Check "**Active Directory Certificate Services**"
         - When prompted to confirm, click the "**Add Features**" button
@@ -31,7 +32,11 @@ This document outlines the Microsoft-recommended best practices for deploying a
             - When prompted to confirm multiple times, click the "**Add Features**" button
             - Ensure the "**Include management tools (if applicable)**" checkbox is checked.
     - Click "**Next**" > "**Next**" > "**Next**" > "**Install**"
+    - Restart the Server
 
+### Offline Root CA `LAB-CA-01` Role Configuration
+- Navigate to "**Server Manager > (Alert Flag) > Post-deployment Configuration: Active Directory Certificate Services**"
+    - 
 
 !!! warning "Raw Unprocessed Documentation - Do Not Use"
     Install AD CS role as a Standalone Root CA.