KB3002657: Uninstall the update if you are using Windows 2003 Domain Controller
Today we heard about an issue with the security update described in KB3002657 in a windows 2003 DC infrastructure.
Microsoft security update released on March 10, 2015 by Microsoft (KB3002657) has an authentication issue.
Network users might be prompted for usernames and passwords for outlook again and again.
Microsoft has also mentioned that after you install this security update, you cannot access data on EMC Isilon clusters
Microsoft has also mentioned an NTLM login issue in the KB which I am sharing from the KB
SMB/SMB2/SMB3 clients may experience logon failures
to an EMC Isilon cluster when they authenticate by using the NTLMSSP (NT LAN Manager Security Support Provider) provider. Data that resides on EMC Isilon clusters is unavailable to SMB/SMB2/SMB3 clients. This results in data unavailable (DU) failures. Authentication failures may also affect clients that try to access data through HTTP-based protocols such as RAN.
This issue occurs when Microsoft security update MS15-027 is installed on an Active Directory server that authenticates users and services that access an EMC Isilon cluster and when NTLM is used to authenticate these Active Directory domain users and services.
Note Authentication to an EMC Isilon cluster that uses the Kerberos protocol is not affected by this issue.
Use the Kerberos protocol to authenticate Active Directory domain users.
Microsoft has confirmed that this issue is occurring only in the Windows 2003 DC environments which are using NTLM authentication.
Microsoft has also recommended to uninstall the security patch from 2003 DC’s. Microsoft will be releasing the KB sooner.
We will update the blog as soon as we will hear more about the issue.
Microsoft MVP | Exchange Server