Windows 11 22h2 Problem with Active directory after update

Sylv___ 66 Reputation points
2022-10-14T10:27:10.96+00:00

Hi,

After updating or installing a fresh Windows 11 22H2, the computer can't contact the active directory.
GPO seems to be not applied and it's impossible to reach any ressources on the network.

It seems that the user can't get a TGT from the domain controller.

When I do a klist it's empty.

With wireshark, I see at each attempt an "AS-REQ" but no "AS-REP".

> nltest /dclist:mydomain.local

Get list of DCs in domain 'mydomain.local' from '\\dc01.mydomain.local'.
Cannot DsBind to mydc.laz (\\dc01.mydomain.local).Status = 2148074320 0x80090350 SEC_E_DOWNGRADE_DETECTED.

> nltest /sc_query:mydomain.local

Flags: 30 HAS_IP HAS_TIMESERV Authentication Service: Netlogon
Trusted DC Name \\dc02.mydomain.local
Trusted DC Connection Status Status = 0 0x0 NERR_Success
The command completed successfully

When I try to reach an SMB share i have this message :

The sytem cannot contact a domain controller to service the authentication request. Please try again later

All the DCs are in Windows 2016.

I'm not sure where to look to fix this. I've looked everywhere but no answer.
Can you help me please?

Thank you.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,642 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,894 questions
{count} votes

Accepted answer
  1. nleva 126 Reputation points
    2022-11-14T15:54:01.437+00:00

    Is anyone here using Crowdstrike Falcon Identity protection? There was a post on reddit saying this Windows 11 22H2 authentication issue is caused by falcon identity.

    Release Notes | Falcon sensor for Windows 6.46.16012/6.47.16104 Hotfix  
    Fixed an issue with Falcon Identity Protection that blocked Kerberos authentications performed by hosts running Windows 11 version 22H2. This applies to all prior supported sensor versions.  
    
    3 people found this answer helpful.

17 additional answers

Sort by: Most helpful
  1. Sylv___ 66 Reputation points
    2022-10-17T07:26:48.643+00:00

    Hi !!

    I've tried to disable the firewall but no luck.

    For you information, everything works with other versions of windows including Windows 11 21h2. I have only this problem with 22h2. I tried to reinstall 3 time and same result.

    The AV is not the problem also, I tried without it and same problem.

    I've looked and in the firewall part and I see that i'm connected to the Public profile which mean that the computer can't logon to the DC also.

    Result of the command : Test-Computersecurechannel

    True

    Thank you for your help.

    0 comments No comments

  2. Sylv___ 66 Reputation points
    2022-10-19T15:24:13.89+00:00

    No idea from anyone?

    0 comments No comments

  3. Mike 11 Reputation points
    2022-11-05T17:09:10.787+00:00

    Don't mean to get your hopes up as I have no solution. I'm experiencing the same issue and have seen this same issue in forums everywhere with no resolution. I'm just checking in to try and get someone to help us out.

    0 comments No comments

  4. Manos Georgoudakis 1 Reputation point
    2022-11-05T22:17:48.287+00:00

    I have the same problem using IPA Kerberos (Centos - based). It used to work fine, the moment I updated to 22H2, it started displaying Date / Time error between server and client (not true, clocks are in sync). I found out that when I changed the Kerberos protocols to the two upper ones and disabled the rest, the user indeed authenticated but never got to get past the Welcome screen. Please note that Windows 11 22H2 Global Policy Editor has separate KDC and Kerberos settings for which I didn;t manage to find any documentation.

    I guess we'll have to wait till more users have the same problem or MS acknowledges the problem.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.