Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.
This is the list of Identity-related updates and fixes we saw for April 2023:
Windows Server 2016
We observed the following update for Windows Server 2016:
KB5025228 April 11, 2023
The April 11, 2023, update for Windows Server 2016 (KB5025228), updating the OS build number to 14393.5850, is a monthly cumulative update and includes no Identity-related improvements.
Windows Server 2019
We observed the following updates for Windows Server 2019:
KB5025229 April 11, 2023
The April 11, 2023, update for Windows Server 2019 (KB5025229), updating the OS build number to 4252, is a monthly cumulative update and includes three Identity-related improvements:
- It includes the new Windows Local Administrator Password Solution (LAPS)
- It addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy (rsop.msc) did not report them
Windows Server 2022
We observed the following updates for Windows Server 2022:
KB5025230 April 11, 2023
The April 11, 2023, update for Windows Server 2022 (KB5025230), updating the OS build number to 20348.1668, is a monthly cumulative update and includes three Identity-related improvements:
- It includes the new Windows Local Administrator Password Solution (LAPS)
- It addresses an issue that affects the Key Distribution Center (KDC) service. When the service stops, signing in to all local Kerberos fails. The error is:
STATUS_NETLOGON_NOT_STARTED
- It addresses an issue that affects the Fast Identity Online 2.0 (FIDO2) PIN credential icon. It does not appear on the credentials screen of an external monitor
- It addresses an issue that affects domain controllers. They stop working. This occurs when they process Lightweight Directory Access Protocol (LDAP) requests
- It addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy (rsop.msc) did not report them
Login