Security News > 2022 > October > Microsoft: Windows domain joins may fail after October updates
Microsoft says Windows domain join processes may fail with "0xaac" errors after applying this month's security updates.
The issue stems from hardening changes introduced when addressing the CVE-2022-38042 elevation of privilege vulnerability in the Active Directory Domain Services that would allow attackers to gain domain administrator privileges.
Because of these additional protections, domain join operations are intentionally prevented from re-using an existing computer account in the target domain.
Domain join operations will be blocked automatically after installing the October 2022 security updates on client computers due to additional security checks before re-using an existing computer account.
Microsoft explained that domain join processes might intentionally fail with "0xaac: NERR AccountReuseBlockedByPolicy" errors saying that "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."
"Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain."
News URL
Related news
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-38042 | Unspecified vulnerability in Microsoft products Active Directory Domain Services Elevation of Privilege Vulnerability | 7.1 |