Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)

Windows[German]Quick question for the readership: Has anyone experienced problems after installing the February 2024 updates KB5034767 (Cumulative Security Update) and KB5034862 (Servicing Stack Update) for Windows Server 2016? I have received a reader message that there are problems with Azure AD.


Advertising

February 2024 updates Windows Server 2016

I also briefly mentioned the cumulative security update KB5034767 in the blog post Patchday: Windows 10 Updates (February 13, 2024) on February 2024 Patchday. The update is only available for Windows 10 2016 Enterprise LTSC and Windows Server 2016. The update addresses security issues and other problems. Specifically, Microsoft writes the following:

  • This update affects UEFI (Unified Extensible Firmware Interface) Secure Boot systems. A renewed signature certificate will be added to the secure boot database variable. You can opt-in to this change now. For more information, see KB5036210.
  • This update fixes a problem that affects the downloading of device metadata. Downloads from Windows Metadata and Internet Services (WMIS) via HTTPS are now more secure.

At the same time, the latest SSU (KB5034862) has been released. The standalone package for the latest SSU can also be found in the Microsoft update catalog. Microsoft is not aware of any problems with the update.

Reader report on an AD problem

On March 7, 2024, blog reader Marco. R. contacted me by email in the late afternoon. He runs a Windows Server 2016 on which the above updates from February 13, 2024 were installed. Marco wrote to tell me that he is currently experiencing a problem. For about 2 days, the log file (in the Event Viewer) has been full of the following errors on some servers.

This Device is joined to Azure AD, however, the user did not sign-in with an Azure AD account. Microsoft Passport provisioning will not be enabled. User: S-1-5-18.

Errorlog

Marco comments: Unfortunately, I have not yet been able to find what triggers this message, as servers that have nothing to do with Azure at all are also affected. Even a standalone server without a domain or AD connection throws the error. When asked if I knew anything about this, I had to answer in the negative. There is this support article from Microsoft – but I'm not sure if it helps.


Advertising


Advertising

This entry was posted in issue, Update, Windows and tagged , , . Bookmark the permalink.

One Response to Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)

  1. GM says:

    Have hit the same KB5034862 on 5 2016 servers hitting the same issue as the reader-report. Struggle to uninstall this update now… any further hints on the cause and uninstall would be great.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).