As you know, Microsoft Netlogon protocol change process was activated with the November 8, 2022 updates (KB5021130 – CVE-2022-38023 ).
In previous announcements, “
Enforcement by Default” would be activated with the
April 11, 2023 updates, but it was postponed with new announcement which is
13 June, 2023.
By the way after the Windows updates that are dated on or after November 8, 2022 Windows updates are installed, you can add the “
RequireSeal” key below.
Data Type: REG_DWORD
Data: 0 – Disabled
1 – Compatibility mode. Windows domain controllers will require that Netlogon clients use RPC Seal if they are running Windows, or if they are acting as either domain controllers or Trust accounts.
2 – Enforcement mode. All clients are required to use RPC Seal, unless they are added to the “Domain Controller: Allow vulnerable Netlogon secure channel connections” group policy object (GPO).
Or you can choose to use Powershell :
Note: Events 5838,5839 and 5840,5841 can be checked in the System Event Log on DCs with November 2022 updates installed to detect applications that may have problems.
Have a nice day!