Security News > 2022 > October > Microsoft: Windows domain joins may fail after October updates
Microsoft says Windows domain join processes may fail with "0xaac" errors after applying this month's security updates.
The issue stems from hardening changes introduced when addressing the CVE-2022-38042 elevation of privilege vulnerability in the Active Directory Domain Services that would allow attackers to gain domain administrator privileges.
Because of these additional protections, domain join operations are intentionally prevented from re-using an existing computer account in the target domain.
Domain join operations will be blocked automatically after installing the October 2022 security updates on client computers due to additional security checks before re-using an existing computer account.
Microsoft explained that domain join processes might intentionally fail with "0xaac: NERR AccountReuseBlockedByPolicy" errors saying that "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."
"Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain."
News URL
Related news
- Microsoft fixes Remote Desktop issues caused by Windows updates (source)
- Microsoft's killing script used to avoid Microsoft Account in Windows 11 (source)
- Microsoft tests new Windows 11 tool to remotely fix boot crashes (source)
- New Windows 11 trick lets you bypass Microsoft Account requirement (source)
- Microsoft adds hotpatching support to Windows 11 Enterprise (source)
- Microsoft starts testing Windows 11 taskbar icon scaling (source)
- Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-38042 | Unspecified vulnerability in Microsoft products Active Directory Domain Services Elevation of Privilege Vulnerability | 7.1 |