Skip to content

Commit 53c7679

Browse files
b-ahibbardb-ahibbard
committed
revise netlogon faq
1 parent 7d7f619 commit 53c7679

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

articles/azure-netapp-files/faq-smb.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,11 +34,13 @@ If you're using Azure NetApp Files with Azure Active Directory Domain Services,
3434

3535
## How do the Netlogon protocol changes in the April 2023 Azure Update affect Azure NetApp Files?
3636

37-
The Azure April 2023 update will begin enforcing a `RequireSeal:2` for Netlogon Secure Channel beginning April 11, 2023. When Azure Netapp Files tenancies attempt to pass NTLM authentication information over Netlogon, the patched domain controller will return a message of Access Denied.
37+
The Azure April 2023 update includes initial enforcement for Netlogon protocol changes, removing the ability to disable RPC sealing by setting value 0 to the `RequireSeal` registry subkey.
38+
39+
You should not modify the `RequireSeal` value to 2 at this time. Azure NetApp Files will support modifying the `RequireSeal` to 2 in 2023. The change will occur by default with the June 2023 Azure update.
3840

3941
This update exposes vulnerability [CVE-2022-38023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38023) concerning Sealing for Netlogon Secure Channel and impacts Azure NetApp Files.
4042

41-
For a workaround, after applying the April 2023 update, set the `RequireSeal` value to 1. For more information, see [KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023](https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25#timing5021130).
43+
For more information, see [KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023](https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25#timing5021130).
4244

4345
## What versions of Windows Server Active Directory are supported?
4446

articles/azure-netapp-files/includes/netlogon-april-2023.md

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,4 @@ ms.custom: include file
1414
---
1515

1616
>[!IMPORTANT]
17-
>The April 2023 Azure Update includes an update to Netlogon Secure Channel that will affect Active Directory configurations in Azure NetApp Files.
18-
>
19-
>For a workaround, see [How do the Netlogon protocol changes in the April 2023 Azure Update affect Azure NetApp Files?](../faq-smb.md#how-do-the-netlogon-protocol-changes-in-the-april-2023-azure-update-affect-azure-netapp-files)
17+
>The April 2023 Azure Update includes an update to Netlogon Secure Channel. For more information about this update, see [How do the Netlogon protocol changes in the April 2023 Azure Update affect Azure NetApp Files?](../faq-smb.md#how-do-the-netlogon-protocol-changes-in-the-april-2023-azure-update-affect-azure-netapp-files)

0 commit comments

Comments
 (0)