Windows 11 22h2 Problem with Active directory after update

Sylv___ 66 Reputation points
2022-10-14T10:27:10.96+00:00

Hi,

After updating or installing a fresh Windows 11 22H2, the computer can't contact the active directory.
GPO seems to be not applied and it's impossible to reach any ressources on the network.

It seems that the user can't get a TGT from the domain controller.

When I do a klist it's empty.

With wireshark, I see at each attempt an "AS-REQ" but no "AS-REP".

> nltest /dclist:mydomain.local

Get list of DCs in domain 'mydomain.local' from '\\dc01.mydomain.local'.
Cannot DsBind to mydc.laz (\\dc01.mydomain.local).Status = 2148074320 0x80090350 SEC_E_DOWNGRADE_DETECTED.

> nltest /sc_query:mydomain.local

Flags: 30 HAS_IP HAS_TIMESERV Authentication Service: Netlogon
Trusted DC Name \\dc02.mydomain.local
Trusted DC Connection Status Status = 0 0x0 NERR_Success
The command completed successfully

When I try to reach an SMB share i have this message :

The sytem cannot contact a domain controller to service the authentication request. Please try again later

All the DCs are in Windows 2016.

I'm not sure where to look to fix this. I've looked everywhere but no answer.
Can you help me please?

Thank you.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,642 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,894 questions
{count} votes

Accepted answer
  1. nleva 126 Reputation points
    2022-11-14T15:54:01.437+00:00

    Is anyone here using Crowdstrike Falcon Identity protection? There was a post on reddit saying this Windows 11 22H2 authentication issue is caused by falcon identity.

    Release Notes | Falcon sensor for Windows 6.46.16012/6.47.16104 Hotfix  
    Fixed an issue with Falcon Identity Protection that blocked Kerberos authentications performed by hosts running Windows 11 version 22H2. This applies to all prior supported sensor versions.  
    
    3 people found this answer helpful.

17 additional answers

Sort by: Most helpful
  1. SPembo 6 Reputation points
    2022-11-09T17:41:58.297+00:00

    As I've been facing this myself and spent the day on it and there doesn't seem to be much information around.

    Would any of you be facing issue soely on sites with RODC, as adding the machine to the password replication policy of the RODC 'might' have resolved for me. Too early to confirm, but i appear to have one working this way. We've 3 sites and only facing it on the one, this the only one with the RODC as a factor.

    I'm also only so far facing it on machines on Win 11 22H2

    1 person found this answer helpful.

  2. Samy Abdellatif 6 Reputation points
    2022-11-15T09:15:50.547+00:00

    I faced the same problem, do not have crowdstrike !! I'm using simple NAS Synology Directory Server (Samba), just to control access on a file server, no group policy management, I faced this with two windows devices, was running well till the 22H2 update, I have tried removing the device from the domain, deleting it from the active directory computers, tried with same user, different users, it seems the device and DC are talking different languages now.

    hope someone come up with solution or workaround

    1 person found this answer helpful.

  3. Cameron 6 Reputation points
    2022-11-15T21:43:30.553+00:00

    This is pretty ridiculous. I've been having this issue since updating with 22H2. The only way I can access my account is by disconnecting my internet every time and logging in with saved cached passwords. How does Microsoft release a major update that majorly ruins a lot of peoples systems?

    I've tried accessing our AD and changing my password, but that has not solved anything other than a notification that says I need to lock and unlock to give windows my new password - but of course this doesn't work and I have to keep disconnecting my internet, logging in, then reconnecting.

    1 person found this answer helpful.

  4. JimmySalian-2011 42,156 Reputation points
    2022-10-14T11:11:35.777+00:00

    Hi,

    Do you have any local firewall or any AV that might be blocking the connections, please check the firewall policies and connectivity and also VPN software?

    Hope this helps.
    JS

    ==
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.