|
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
-
Server 2016: Is the sysvol sync bug in July showing up in August?
From @njmalm1:
Has anyone else experienced their GPOs not syncing permissions after applying KB4338814 to Server 2016?
We were getting the ACL error
“The sysvol permissions for one or more GPOs on this domain controller are not in sync with the permissions for the GPOs on the baseline domain”.
Went through an Non-authoritative SYSVOL restore, demoting and promoting a domain controller, and finally uninstalled patch KB4338814 to resolve the issue.
This problem existed on our test domain (two DCs 2012 and 2016) and our production (three DCs 1-2012 and 2-2016) The ACL sync issues only happened on one of the production 2016 DCs which was strange. Once we removed the patch we had to go to any GPOs still showing ACL errors and restore the delegation permissions to defaults in order for it to start syncing.
I have blocked patch KB4338814 from July in WSUS but the issue is now happening again in our test Active Directory after applying the August cumulative updates. I’d love to know if anyone else is seeing this issue and if Microsoft has reported it as a problem.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Steps to take before updating to 24H2
by 1 hour, 41 minutes ago
-
Which Web browser is the most secure for 2025?
by 2 hours, 4 minutes ago
-
Replacing Skype
by 55 seconds ago
-
FileOptimizer — Over 90 tools working together to squish your files
by 1 hour, 31 minutes ago
-
Excel Macro — ask for filename to be saved
by 10 hours, 20 minutes ago
-
Trying to backup Win 10 computer to iCloud
by 1 day, 7 hours ago
-
Windows 11 Insider Preview build 26200.5570 released to DEV
by 1 day, 21 hours ago
-
Windows 11 Insider Preview build 26120.3941 (24H2) released to BETA
by 1 day, 23 hours ago
-
Windows 11 Insider Preview Build 22635.5305 (23H2) released to BETA
by 1 day, 23 hours ago
-
No April cumulative update for Win 11 23H2?
by 11 hours, 1 minute ago
-
AugLoop.All (TEST Augmentation Loop MSIT)
by 1 day, 23 hours ago
-
Boot Sequence for Dell Optiplex 7070 Tower
by 2 days, 14 hours ago
-
OTT Upgrade Windows 11 to 24H2 on Unsupported Hardware
by 2 days, 18 hours ago
-
Inetpub can be tricked
by 1 day, 1 hour ago
-
How merge Outlook 2016 .pst file w/into newly created Outlook 2024 install .pst?
by 1 day, 12 hours ago
-
FBI 2024 Internet Crime Report
by 2 days, 21 hours ago
-
Perplexity CEO says its browser will track everything users do online
by 7 hours, 2 minutes ago
-
Login issues with Windows Hello
by 3 days, 9 hours ago
-
How to get into a manual setup screen in 2024 Outlook classic?
by 2 days, 20 hours ago
-
Linux : ARMO rootkit “Curing”
by 3 days, 20 hours ago
-
Employee monitoring app leaks 21 million screenshots in real time
by 3 days, 20 hours ago
-
Google AI is now hallucinating idioms
by 3 days, 21 hours ago
-
april update
by 2 days, 1 hour ago
-
Windows 11 Insider Preview build 27842 released to Canary
by 3 days, 22 hours ago
-
Quick Fix for Slowing File Explorer
by 3 days, 22 hours ago
-
WuMgr not loading?
by 2 days, 18 hours ago
-
Word crashes when accessing Help
by 8 hours, 17 minutes ago
-
New Microsoft Nag — Danger! Danger! sign-in to your Microsoft Account
by 3 days, 21 hours ago
-
Blank Inetpub folder
by 3 days, 19 hours ago
-
Google : Extended Repair Program for Pixel 7a
by 4 days, 8 hours ago
Remembering Woody
