[German]It seems, that the January 2022 security updates like KB5009557 bricks Active Directory Federation Services ADFS-Farm-Servers. I receive a report, where update KB5009557 breaks LDAP queries to domain controllers from a ADFS Farm Server. Here are a few details about that issue.
Advertising
I received the following comment within my German blog, regarding update KB5009557. Blog reader Phil wrote:
ADFS problem
Hello all.
I have the following problem after installing KB5009557 on an ADFS farm server.
The ADFS farm server could no longer make LDAP queries to a DC in another forest (one-way trust).
EventID 325
Microsoft.IdentityServer.Service.IssuancePipeline.CallerAuthorizationException: MSIS5007: The caller authorization failed for caller identity Domain\User for relying party trust example.com. -> Microsoft.IdentityServer.ClaimsPolicy.Language.PolicyEvaluationException: POLICY0018: Query 'SAMAccountName={0};Attribute_X' to attribute store 'examle.local' failed: 'The supplied credential is invalid.After uninstalling the patch, it worked again.
The patch was not installed on any DC, only on an ADFS farm server.
Perhaps it's helpful for administrators affected by the same issue.
Similar articles:
Windows Server: Out-of-Band Update fixes Remote Desktop issues (2022/01/04)
Microsoft Office Updates (January 4, 2022)
Microsoft Security Update Summary (January 11, 2022)
Patchday: Windows 8.1/Server 2012 R2 Updates (January 11, 2022), boot loop reported
Patchday: Windows 10 Updates (January 11, 2022)
Patchday: Windows 11 Updates (January 11, 2022)
Patchday: Updates for Windows 7/Server 2008 R2 (January 11, 2022)
Windows Server: January 2022 security updates are causing DC boot loop
Windows VPN connections (L2TP over IPSEC) broken after January 2022 update
Windows Server 2012/R2: January 2022 Update KB5009586 bricks Hyper-V Host
Microsoft patch day issues Jan. 2022: bugs confirmed, but updates not pulled
Microsoft Microsoft Januar 2022 Patchday Revisions (2022/01/14)
Windows Out-of-band Updates fixes Jan. 2022 patch day issues (Jan. 17, 2022)
Windows 10/Server: Out-of-band Updates fixes Jan. 2022 patch day issues (Jan. 17, 2022)
Out-of-band Updates for Windows Server 2019 fixes Jan. 2022 Patch day issues (Jan. 18, 2022)
Windows 7/8.1; Server 2008R2/2012R2: Out-of-band Updates with Fixes for Jan. 2022 Patch day Issues (2022/01/17)
Advertising
Review: Fix for Windows IPSec VPN Connection Issues
Out-of-Band Updates for Windows (Jan. 17/18, 2022) doesn't fixes ReFS Issues complete
Review: Fix for Hyper-V Host Startup Problem in Windows (January 2022)
Advertising
fixed possibly with newly released KB5009616 update for Server 2019
nope it does not fix the issue even after installed the OOB KB5010791 and KB5009616