Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.
This is the list of Identity-related updates and fixes we saw for September 2023:
Windows Server 2016
We observed the following update for Windows Server 2016:
KB5030213 September 12, 2023
The September 12, 2023, update for Windows Server 2016 (KB5030213), updating the OS build number to 14393.6252, is a monthly cumulative update and includes three Identity-related improvements:
- This update addresses an issue that affects remote procedure calls (RPC) to the Win32_User or Win32_Group WMI class. The domain member that runs the RPC contacts the primary domain controller (PDC). When multiple RPCs occur at the same time on many domain members, this might overwhelm the PDC.
- This update addresses an issue that affects the LanmanServer service. It stops working in clusters that do not have an Administrative Access Point. These are also known as AD-Detached Clusters. They are recommended for Microsoft Exchange on some versions of Windows.
- This update addresses an issue that affects authentication. Using a smart card to join or rejoin a computer to an Active Directory domain might fail. This occurs after you install Windows updates dated October 2022 or later.
Windows Server 2019
We observed the following update for Windows Server 2019:
KB5030214 September 12, 2023
The September 12, 2023, update for Windows Server 2019 (KB5030214), updating the OS build number to 17763.4851, is a monthly cumulative update and includes five Identity-related improvements:
- This update addresses an issue that affects the Resultant Set of Policy (RSOP). The Windows LAPS BackupDirectory policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
- This update addresses an issue that affects scheduled tasks. The tasks fail when they use stored local user account credentials. This occurs when you enable Credential Guard. The error message is:
2147943726: ERROR_LOGON_FAILURE
- This update addresses an issue that affects those who use Windows Update for Business. After you are asked to change your password at sign in, the change operation fails. Then you cannot sign in. The error code is:
0xc000006d
- This update addresses an issue that affects the Group Policy Service. It will not wait for 30 seconds, which is the default wait time, for the network to be available. Because of this, policies are not correctly processed.
- This update addresses an issue that affects authentication. Using a smart card to join or rejoin a computer to an Active Directory domain might fail. This occurs after you install Windows updates dated dated October 2022 or later.
Windows Server 2022
We observed the following update for Windows Server 2022:
KB5030216 September 12, 2023
The September 12, 2023, update for Windows Server 2022 (KB5030216), updating the OS build number to 20348.1970, is a monthly cumulative update and includes two Identity-related improvements:
- This update addresses an issue that affects the Resultant Set of Policy (RSOP). The Windows LAPS BackupDirectory policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
- This update addresses an issue that affects scheduled tasks. The tasks fail when they use stored local user account credentials. This occurs when you enable Credential Guard. The error message is:
2147943726: ERROR_LOGON_FAILURE
- This update addresses an issue that affects those who use Windows Update for Business. After you are asked to change your password at sign in, the change operation fails. Then you cannot sign in. The error code is:
0xc000006d
- This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS) process. It might stop responding. Because of this, the machine restarts. The error is:
0xc0000005 (STATUS_ACCESS_VIOLATION)
- This update addresses an issue that affects the Group Policy Service. It will not wait for 30 seconds, which is the default wait time, for the network to be available. Because of this, policies are not correctly processed.
- This update addresses an issue that affects authentication. Using a smart card to join or rejoin a computer to an Active Directory domain might fail. This occurs after you install Windows updates dated dated October 2022 or later.
Login