Microsoft Issues Hotfix for Windows Server 2003 Migration Problem

Microsoft issued a hotfix late last month for a log-in problem that has affected some organizations moving from Windows Server 2003 to Windows Server 2012 R2.

The hotfix, available here, addresses a problem that occurs because of an encryption protocol mismatch between the two servers. Windows Server 2012 R2 and Windows Server 2003 have domain controllers that use different Kerberos encryption standards. Those two standards -- AES and DES, respectively -- don't play well together, which can become apparent during server migrations.

Organizations with this problem typically find that their end users can't log into the system. They get an error messaging indicating "unknown username or bad password."

Microsoft gave notice that a hotfix was coming back in late July, although it only offered workaroundsat the time. This new hotfix for Windows Server 2012 R2 is only intended for organizations that have experienced this log-in problem and are "severely affected," according to Microsoft's support article. Applying the hotfix may entail system restarts to take effect.

Back in July, Microsoft had indicated that it had received "quite a few calls" about the problem. It's possible that the end of Windows Server 2003's product support lifecycle is prompting organizations to make the move from the near 10-year-old server.

Windows Server 2003 will fall out of "extended support" on July 14, 2015. After that date, the server operating system will be considered "unsupported" by Microsoft. No more security patches will arrive, leaving the server subject to attacks that won't get patched unless an organization has a "custom support" agreement set up with Microsoft.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.