Microsoft confirms Kerberos authentication issues on Windows after receiving November updates

Microsoft confirms there are ongoing issues related to Kerberos authentication, a computer network security protocol authenticating service requests between two or more trusted hosts across an untrusted network, such as the internet. Microsoft said these Kerberos sign-in failures started after the November Patch Tuesday’s cumulative updates were released.

“After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication. This issue might affect any Kerberos authentication in your environment,” explains Microsoft in a document. “When this issue is encountered you might receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 error event in the System section of Event Log on your Domain Controller with the below text. Note: affected events will have “the missing key has an ID of 1.”

While processing an AS request for target service <service>, the account <account name> did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 1)

According to the Redmond company, the issue covers a wide variety of scenarios, including possible failure in domain user sign-in (might affect Active Directory Federation Services authentication), authentication failure of Group Managed Service Accounts for services like Internet Information Services, connection failure of Remote Desktop connections using domain users, access failure to shared folders on workstations and file shares on servers, and domain user authentication-related printing failure.

The problem affects a long list of platforms from both client and server releases. For clients, it includes Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; and Windows 7 SP1. As for servers, the affected platforms are comprised of Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

On the other hand, Microsoft said that the issue does not affect Windows devices used at home by consumers or devices not part of an on-premises domain.

“This issue is not an expected part of the security hardening for Netlogon and Kerberos starting with November 2022 security update,” Microsoft adds. “We are working on a resolution and estimate a solution will be ready in the coming weeks. This known issue will be updated with more information when it is available.”

Original Article