@Eli Ofek The issue is fixed, but that is no way thanks to Microsoft support. That was a complete waste of time. Really looking forward to fill out the customer survey.
Anyway, it looks like we were yet another victim of the Windows Secure Time Seeding. The puzzle pieces are falling into place. The timeline is roughly like this:
1. At 5DEC2023 at 4:57 AM the time jumps to 12MAY2024-4:48 AM, logs show that W32time service did that.
2. About 6 minutes later W32time server corrects the time back to 5DEC2023 5:03 AM
3. When people come to work in the morning a lot of people cannot login with their Windows Hello PIN number.
4. Group manage service account for Windows Defender for Identity stops working
5. Audit trails on SQL production database has the wrong date
And I am pretty sure that there is a lot more to be uncovered. This will take many weeks to discover and document what went wrong.
Microsoft has made many bad products and features over the years, but Windows STS got to be on the top 5 list.
So my recommendation is to disable Windows STS ASAP.
