IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Windows Server admins say latest Patch Tuesday broke authentication policies

Microsoft has issued a workaround for the certificate-mapping issue, but many have already rolled back the updates to avoid operational disruption

IT administrators are reporting authentication issues after installing the most recent May 2022 Patch Tuesday security updates, released this week.

Online discussions suggest that a number of businesses are experience issues, specifically those that installed the updates on Windows Servers that also serve the domain controller (DC) and Active Directory Certificate Services (ACDS) roles.

According to some admins, Network Policy Server (NPS) policies were reported to be failing, returning an error which read that ‘authentication failed due to a user credential mismatch. Either the user name provided does not map to an existing account or the password was incorrect’.

Others said their Windows Server, which was serving only the DC role, not the ACDS role too, experienced the same issues with failing NPS policies. Removing the KB5013941 update reportedly fixed the issue.

One individual reported that in their environment they run separate servers for DC and NPS, and came to the conclusion that the NPS servers may be patchable, but DC servers may need to have the update rolled back, after testing the updates on each.

“FYI we're aware of the NPS issue,” said Steve Syfuhs, senior software engineer focusing on cryptography, authentication, and identity at Microsoft. “It's not related to NPS specifically but rather with how we're distinguishing between different kinds of names in the certificates. Only a subset of folks are affected by this.”

Syfuhs addressed users in a separate Twitter discussion and confirmed that Microsoft is looking into the issues that are being reported by numerous IT admins.

“After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP),” Microsoft said in an issues document. “An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller.”

The issues currently experienced by Windows Server administrators are due to the way in which Microsoft fixed two ‘high severity’ privilege escalation vulnerabilities, tracked as CVE-2022-26931 and CVE-2022-26923, in Tuesday's round of monthly security fixes.

Online discussions in the early hours after the security patches were released appeared to show users were able to apply the updates without issues, only for Windows Server issues to emerge later.

Related Resource

Securing endpoints amid new threats

Ensuring employees have the flexibility and security to work remotely

Whitepaper cover with image of female employee working at home on laptopFree Download

Earlier this year, many Windows Server administrators collectively agreed to forgo the security patches issued by Microsoft, citing numerous issues that led to operational disruption so severe that they thought they were better left unprotected from the security patches than to update and apply workarounds.

Microsoft has issued a recommended mitigation for admins who want a workaround to the issue with the certificates but do not want to roll back the latest update as others already have done, leaving themselves unprotected.

The workaround involves manually mapping certificates to a machine account in Active Directory, Microsoft said. If the recommended mitigation does not work, admins are encouraged to examine the related support document for other potential methods to resolve the issues they are experiencing.

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Recommended

Microsoft Azure spending notifications unavailable until March
Cloud

Microsoft Azure spending notifications unavailable until March

2 Feb 2023
Hackers target business cloud environments by abusing Microsoft’s ‘verified publisher’ status
Security

Hackers target business cloud environments by abusing Microsoft’s ‘verified publisher’ status

1 Feb 2023
Google to cut global workforce by 12,000 roles
Careers & training

Google to cut global workforce by 12,000 roles

20 Jan 2023
Windows 11 System Restore bug preventing users from accessing apps
Microsoft Windows

Windows 11 System Restore bug preventing users from accessing apps

19 Jan 2023

Most Popular

Warning issued over ransomware attacks targeting VMware ESXi servers globally
cyber attacks

Warning issued over ransomware attacks targeting VMware ESXi servers globally

6 Feb 2023
Yandex data breach reveals source code littered with racist language
data breaches

Yandex data breach reveals source code littered with racist language

30 Jan 2023
BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud
Business strategy

BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud

31 Jan 2023