Microsoft Confirms May 2022 Patch Tuesday Updates Cause AD Authentication Issues

Windows Server 1 Hero Approved

Microsoft has acknowledged a new issue that causes authentication failures on the server or client machines for some Windows services. The company has confirmed on the Windows Health Dashboard that it’s actively investigating the bug, and a permanent fix would be available in the upcoming release.

The first bug reports started to surface earlier this week, with several Windows Admins reporting that some Network Policy Server (NPS) policies failed to work after installing the May 2022 Patch Tuesday Updates. NPS policies allow IT Pros to create org-wide network access policies for connection request authentication.

The Reddit reports suggest that the authentication fails with the following error message: “Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing account or the password was incorrect.”

Microsoft confirmed that this issue affects Windows Servers machines used as domain controllers. However, it doesn’t impact non-domain controller Windows Servers and client Windows devices.

“After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller,” the company explained on the Windows Health Dashboard.

Microsoft provides a workaround to fix AD authentication issues

Microsoft has also provided a few workarounds to help IT Admins fix this issue. The company recommends customers to manually map certificates to a machine account in Azure Active Directory. Microsoft has also provided additional mitigations for environments where the aforementioned workaround doesn’t resolve the issue, and you can find more details in the SChannel registry key section of this support page.

Did you encounter any issues after installing the May 2022 Patch Tuesday Updates on your Windows Server devices? Let us know in the comments section below.