@GeirF
I have removed the RunAaPPL key from some standby servers (we deploy the key as standard practice) and provisionally I think things are working. My production servers are still running without KB5016623 and I can’t risk the instability at the moment as I work in education and the next few days are the most important of the year.
However, to test, I have routed a few non essential web sites through backup servers running AAD proxy and the latest server patch (Aug 23rd - KB5016690) with RunAaPPL key removed and both Windows Auth and Modern Auth websites are working as expected. So, I feel confident that this might be the answer.
I found that servers crashed more quickly when the server was under load, so will need to see what the nest few days brings. If my fully patched servers last until Monday without crashing & rebooting, I’ll update the production servers again.
Fingers crossed
