MX84 'Unable to connect to Domain Controller' after Windows Server 6/2022 Updates

Phil-BHC
Comes here often

MX84 'Unable to connect to Domain Controller' after Windows Server 6/2022 Updates

Hello Meraki Community, has anyone experienced an MX device that failed to connect to the domain controllers after the June 2022 Windows Updates were installed on the Windows Server 2012R2 servers? If so, please share how to resolve the issue.

 

Windows updates were installed this morning on our Windows Server 2012R2 domain controllers and now the Meraki MX84 event log is reporting 'Unable to connect to Domain Controller'.

 

The MX device has been successfully connecting to the domain controllers and prior to the Windows update this morning the event log routinely reported 'Connected to Domain Controller' with the appropriate username and servers.

 

The Windows update completed at 6:25am and the the event log began reporting 'Unable to connect to Domain Controller' at 6:27am.

 

The only known change was the installation of the June 2022 Windows Updates on the Windows Server 2012R2 servers configured as domain controllers.

 

Any information on resolving this issue will be greatly appreciated. Thanks.

3 REPLIES 3
BHC_RESORTS
Head in the Cloud

Yes, we are seeing this as well, but only at a single site. DC is Server 2019 (others are a mix of 2019/2016). You can run this PS cmdlet on your DC to see if it is DCOM hardening causing the issue:

 

Invoke-Command {Get-EventLog -LogName System -Source DCOM | Where-Object {$_.EventID -match "10036|10037|10038"} | Group-Object -Property EventID -NoElement | Sort-Object -Property Count -Descending} -ComputerName your-dc-here
 
If you look in your system event log on a DC, you'll probably see a similar log to this:
 
The server-side authentication level policy does not allow the user domain\merakiaduser SID (redacted) from address 10.0.0.18 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
It's a minor annoyance so we haven't looked in to it further yet.
BHC Resorts IT Department
NH
Comes here often

Hello Phil,

Yes, We have the same issue with the error stating the unable to connect to the domain controller. I checked all event logs and it started on March 14, 2022.

 

Did you find any workaround to get that fixed? If you can share here that would be much appreciated.

BHC_RESORTS
Head in the Cloud

We haven't found a workaround yet but to be honest we've been pretty busy and haven't really looked. It will likely require a patch/change from Meraki. Their AD authentication method is dated anyways, and we brought it up years ago. So....

BHC Resorts IT Department
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels