Hello
We have encountered some issues with KB5016623. The is causing the server, Win 2019 server running IIS, to crash after 5 to 10 minutes and to be unable to use AAD App Proxy connections that are setup to use Windows Authentication on the backend via kerberos.
We have 2 different scenarios:
- A webserver some legacy windows auth based apps, alongside newer apps that use modern auth. The AAD app proxy connector in also installed on the webserver. The newer apps using modern auth are working fine, but the old windows auth apps are failing to authenticate. Errors are:
- Microsoft AAD Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: The handle specified is invalid
(0x80090301)
After about 5-10 minutes, the server seems to crash with this error:
A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000005.The machine must now be restarted.
The process wininit.exe has initiated the restart of computer <ServerName> on behalf of user for the following reason: No title for this reason could be found
Reason Code: 0x50006
Shut-down Type: restart
Comment: The system process 'C:\WINDOWS\system32\lsass.exe' terminated unexpectedly with status code -1073741819. The system will now shut down and restart.
- Another server, this one only with AAD app proxy that accesses a separate SSRS Web Server with the same issues as above.
In both examples, uninstalling KB5016623 has resolved the issue. We don't seem to be seeing any issues with other servers e.g. DCs at present. It mainly seems to be the combination of KB5016623 and AAD App Proxy with Kerberos back ends. Anyone else seeing any similar problems?
Thanks
Andy
