List of Domain Controllers (DC’s) related hotfixes post SP1 for Windows Server 2008 R2 SP1

List of Domain Controllers (DC’s) related hotfixes post SP1 for Windows Server 2008 R2 SP1

  • Comments 2
  • Likes

Applies to:
Windows Server 2008 R2 Service Pack 1
Windows Server 2008 R2 SP1
W2K8 R2 Service Pack 1
W2K8 R2 SP1

Note:  You should check http://support.microsoft.com for the latest version of the different files.

List of Domain Controllers (DC’s) related hotfixes post SP1 for Windows Server 2008 R2 SP1 as of Sep. 2012:

2698279 Settings that are driven by a Netlogon GPO do not work as expected in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/?id=2698279

Update(s):
Netlogon.dll 6.1.7601.21958
Bootfix.bin
Nlsvc.mof
Supersede(s):
2666938 Client computer uses site-less SRV records after you restart the computer in Windows 7 or in Windows Server 2008 R2

2685888 Netlogon Semaphore performance counters display incorrect values in the Performance Monitor in a Windows Server 2008 R2-based domain environment
http://support.microsoft.com/?id=2685888

Update(s):
Expand.exe.mui 6.1.7601.21948
Netmsg.dll.mui 6.1.7601.21948
Netlogon.dll 6.1.7601.21948 (updated in 2698279)
Nlsvc.mof  (updated in 2698279)
Supersede(s):
2654097  New event log entries that track NTLM authentication delays and failures in Windows Server 2008 R2 are available
2589015 Selective authentication over a forest trust fails when Windows Server 2008 R2-based RODC and RWDC are involved in the authentication process
2580119 The operating system cannot establish a secure channel after a failed deployment of Windows 7 or Windows Server 2008 R2 on client computers
2494158 Managed service account authentication fails after its password is changed in Windows 7 or in Windows Server 2008 R2

2684982 The Lsass.exe process crashes on Windows Server 2008 R2-based domain controllers
http://support.microsoft.com/?id=2684982

Update(s):
Logoncli.dll 6.1.7601.21934
Netlogon.dll 6.1.7601.21934  (updated in 2698279)

2712286 "1101" error code when you run an esentutl /g command on a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2712286

Update(s):
Esent.dll 6.1.7601.22013
Supersede(s):
2566592 Tuple index is corrupted in a Windows Server 2008 R2 domain

2671874 Heavy WAN usage after you restart centralized Windows Server 2008 R2-based domain controllers
http://support.microsoft.com/?id=2671874

Update(s):
Ntdsai.dll 6.1.7601.21980
Ntdsa.mof

Supersede(s):
2665616 You cannot install a new domain controller on a computer that is running Windows Server 2008 R2 because of an RPC error
2642658 You cannot create users, computers, or groups on a domain controller that is running Windows Server 2008 R2
2641962 The msDS-HasInstantiatedNCs and msDS-hasMasterNCs attributes do not replicate if an authoritative restore is performed in Windows Server 2008 R2
2621146 MS11-095: Description of the security update for Active Directory: December 13, 2011
2618669 An update is available to detect and prevent too much consumption of the global RID pool on a domain controller that is running Windows Server 2008 R2
2616886 Group membership is emptied on a Windows Server 2008 R2-based RODC after the group is converted from a universal group into a global domain group or a local domain group
2580503 The DirSync control returns more search results than expected in a Windows Server 2008 R2-based domain
2526455  You cannot open the properties of any object by using ADSI Edit after you mount a restored Active Directory database file by using the Active Directory database mounting tool in a Windows Server 2008 R2 Active Directory domain environment
2500682 NSPI query for address book information is slow and high CPU usage on domain controllers in a Windows Server 2008 R2 domain
2468316 A paged LDAP query fails on the second page and the pages that follow in Windows Server 2008 R2
2458125 The Value field under the Attribute item for event ID 5136 is empty in Windows Server 2008 and in Windows Server 2008 R2
2413670 Events 1659, 1481, and 1173 are recorded in the Directory Service event log on Windows Server 2008 R2-based domain controllers after you remove Active Directory Domain Services from the last domain controller in a tree root domain

2680097 Iscsilog.dll is not included in the system state backup files on a Windows Server 2008 R2 SP1-based computer
http://support.microsoft.com/?id=2680097

Update(s):
Crypt32.dll 6.1.7601.21935
Supersede(s):
2677070
2641690 Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing
2615174 "0x80092013, CRYPT_E_REVOCATION_OFFLINEA" error message when you try to verify a certificate that has multiple chains in Windows Server 2008 R2 or in Windows 7
2507119 Outlook crashes when you try to open a compressed email message that is created by a third-party Outlook add-in in Windows Vista, in Windows Server 2008, in Windows 7 or in Windows Server 2008 R2

2545833 Slow performance occurs when many user authentication requests are handled in Windows Server 2008 R2
http://support.microsoft.com/?id=2545833

Update(s):
Cryptdll.dll 6.1.7601.21732

2695401 DPAPI keys are not synchronized when you unlock a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2695401

Update(s):
Lsass.exe 6.1.7601.21959
ksecdd.sys
Supersede(s):
2691043 The Lsass.exe process crashes when you sign in to Lync 2010 to load a certificate from roaming profiles in Windows 7 or in Windows Server 2008 R2
2675498 "NetBIOS domain name\username" format cannot be used with the Kerberos referral mechanism to log on to a computer in a cross-forest environment
2665790 Resource-based constrained delegation KDC_ERR_POLICY failure in environments that have Windows Server 2008 R2-based domain controllers
2655992 MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012
2585542 MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012
2545850 Users cannot access an IIS-hosted website after the computer password for the server is changed in Windows 7 or in Windows Server 2008 R2
2522623 InitializeSecurityContext function might not fall back to NTLM authentication in Windows 7 or in Windows Server 2008 R2 when Kerberos fails and has the STATUS_NO_LOGON_SERVERS status

2695401 DPAPI keys are not synchronized when you unlock a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2695401

Update(s):
Supersede(s):
2691043 The Lsass.exe process crashes when you sign in to Lync 2010 to load a certificate from roaming profiles in Windows 7 or in Windows Server 2008 R2
2675498 "NetBIOS domain name\username" format cannot be used with the Kerberos referral mechanism to log on to a computer in a cross-forest environment
2655992 MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012
2585542 MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012
2545850 Users cannot access an IIS-hosted website after the computer password for the server is changed in Windows 7 or in Windows Server 2008 R2

2701275 The Log On To feature does not work when the name of a Windows 7-based or Windows Server 2008 R2-based client computer contains six or more Traditional Chinese characters
http://support.microsoft.com/?id=2701275

Update(s):
Kerberos.dll 6.1.7601.21966
Supersede(s):
2678068 Remote Assistance invitation fails in an Active Directory environment in Windows 7 or in Windows Server 2008 R2
2566059 RC4 pre-authentication failure for the Network Service account in Windows Server 2008 R2 or in Windows 7
2526946 An SSO solution that calls the LsaLogonUser function to pass a KERB_TICKET_LOGON structure for Kerberos authentication does not work in Windows 7 SP1 or in Windows Server 2008 R2 SP1
2425227 MS11-013: Description of the security update for Kerberos in Windows 7 and in Windows Server 2008 R2: February 8, 2011

2425227 MS11-013: Description of the security update for Kerberos in Windows 7 and in Windows Server 2008 R2: February 8, 2011
http://support.microsoft.com/?id=2425227

Update(s):
kdcsvc.dll

2642658 You cannot create users, computers, or groups on a domain controller that is running Windows Server 2008 R2
http://support.microsoft.com/?id=2642658

Update(s):
Ntdsutil.exe 6.1.7601.21898

2696718 NTLM authentication fails intermittently after the computer password is changed through a Windows Server 2008 R2-based RODC
http://support.microsoft.com/?id=2696718

Update(s):
Samsrv.dll 6.1.7601.21970
Samsrv.mof
Samlib.dll 6.1.7601.21970
Samsrv.mof
Supersede(s):
2642658 You cannot create users, computers, or groups on a domain controller that is running Windows Server 2008 R2
2641192 The badPwdCount attribute is not reset to 0 on a Windows Server 2008 R2-based or Windows Server 2008-based PDC when the reset request is sent from an RODC
2618669 An update is available to detect and prevent too much consumption of the global RID pool on a domain controller that is running Windows Server 2008 R2
2386717 The "Enforce password history" and "Minimum password age" Group Policy settings do not work when you reset the password for a Windows Server 2008 R2-based or a Windows Server 2008-based computer

2695401 DPAPI keys are not synchronized when you unlock a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2695401

Update(s):
Schannel.dll 6.1.7601.21959
Supersede(s):
2675498 "NetBIOS domain name\username" format cannot be used with the Kerberos referral mechanism to log on to a computer in a cross-forest environment
2665790 Resource-based constrained delegation KDC_ERR_POLICY failure in environments that have Windows Server 2008 R2-based domain controllers
2655992 MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012
2585542 MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012
2416849 SSL authentication fails and X.509 error occurs when a WCF-enabled application performs mutual authentication in Windows 7, in Windows Server 2008 R2, in Windows Vista, or in Windows Server 2008

2695401 DPAPI keys are not synchronized when you unlock a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2695401

Update(s):
Sspicli.dll 6.1.7601.21959
Supersede(s):
2691043 The Lsass.exe process crashes when you sign in to Lync 2010 to load a certificate from roaming profiles in Windows 7 or in Windows Server 2008 R2
2675498 "NetBIOS domain name\username" format cannot be used with the Kerberos referral mechanism to log on to a computer in a cross-forest environment
2665790 Resource-based constrained delegation KDC_ERR_POLICY failure in environments that have Windows Server 2008 R2-based domain controllers
2655992 MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012
2585542 MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012
2545850 Users cannot access an IIS-hosted website after the computer password for the server is changed in Windows 7 or in Windows Server 2008 R2
2522623 InitializeSecurityContext function might not fall back to NTLM authentication in Windows 7 or in Windows Server 2008 R2 when Kerberos fails and has the STATUS_NO_LOGON_SERVERS status

2695401 DPAPI keys are not synchronized when you unlock a Windows 7-based or Windows Server 2008 R2-based computer
http://support.microsoft.com/?id=2695401

Update(s):
Cng.sys  6.1.7601.21959 
Secur32.dll  6.1.7601.21959 
Supersede(s):
2691043 The Lsass.exe process crashes when you sign in to Lync 2010 to load a certificate from roaming profiles in Windows 7 or in Windows Server 2008 R2
2675498 "NetBIOS domain name\username" format cannot be used with the Kerberos referral mechanism to log on to a computer in a cross-forest environment
2665790 Resource-based constrained delegation KDC_ERR_POLICY failure in environments that have Windows Server 2008 R2-based domain controllers
2585542 MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012
2545850 Users cannot access an IIS-hosted website after the computer password for the server is changed in Windows 7 or in Windows Server 2008 R2

2633205 Auto-enrollment process for computer certificates fails on a client computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/?id=2633205

Update(s):
Ncrypt.dll  6.1.7601.21872
Ncryptui.dll  6.1.7601.21872
Supersede(s):
2507840 Keys in the CNG user interface are always described as having no description in Windows 7 or in Windows Server 2008 R2

2619880 "The network path was not found" error message when you start a LDAP-related application in Windows Server 2008 R2
http://support.microsoft.com/?id=2619880

Update(s):
Wldap32.dll 6.1.7601.21822

2637692 RPC threads may stop responding in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/?id=2637692

Update(s):
Rpcrt4.dll 6.1.7601.21849

2685088 The screen saver grace period does not work as expected if the period exceeds 60 seconds on a computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/?id=2685088

Update(s):
Winlogon.exe 6.1.7601.21980

Supersede(s):
2617878 You cannot set the LogonTimeout setting after the default RDP listener (RDP-Tcp) is deleted in Windows Server 2008 R2
2562672 Computer stops responding if the smart card is removed during hibernation in Windows 7 or in Windows Server 2008 R2
2468353 The MPR still calls the NPPasswordChangeNotify function to notify a password change event in Windows 7 or in Windows Server 2008 R2 even though the password change is unsuccessful

2600484 Certain user folders are absent from the user profile in Windows 7 or in Windows Server 2008 R2 if the folders are excluded from the roaming profile
http://support.microsoft.com/?id=2600484

Update(s):
Userenv.dll 6.1.7601.21793

2575866 RSoP shows a red X on the icons for registry settings in 64-bit Windows Vista, in 64-bit Windows 7, in 64-bit Windows Server 2008 or in 64-bit Windows Server 2008 R2
http://support.microsoft.com/?id=2575866

Update(s):
Scecli.dll 6.1.7601.21864

2537556 When you use a GPO for application deployment in Windows 7 or in Windows Server 2008 R2, the deployment fails or is delayed
http://support.microsoft.com/?id=2537556

Update(s):
Appmgmts.dll 6.1.7601.21704

2715922 Home folder is not mapped to a client computer when multiple users are logged on to a computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/?id=2715922

Update(s):
Profsvc.dll 6.1.7601.22009

Supersede(s):
2709630 Delay occurs when you log on to a domain from a computer that is running Windows 7 or Windows Server 2008 R2
2673347 Home directory settings that you defined in Group Policy are not applied on a Windows 7 SP1-based or Windows Server 2008 R2 SP1-based VDI client
2664408 Variable %userdomain% roaming profile path is not resolved correctly in Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows Vista
2661663 Stale user profile folders are not deleted completely in Windows 7 or in Windows Server 2008 R2
2600484 Certain user folders are absent from the user profile in Windows 7 or in Windows Server 2008 R2 if the folders are excluded from the roaming profile
2065362 "Unable to log you on because your profile could not be loaded, please contact your administrator" error when you try to log on to a computer in Windows Vista, in Windows Server 2008, in Windows 7 or in Windows Server 2008 R2

2581608 Logon scripts take a long time to run in Windows Vista, in Windows Server 2008, in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/?id=2581608

Update(s):
Gpsvc.dll 6.1.7601.21830
Gpapi.dll 6.1.7601.21830

Supersede(s):
2553771 GetGPOList function does not return all GPOs in Windows 7, in Windows Server 2008 R2, in Windows Vista or in Windows Server 2008
2550944 Group Policy logon scripts do not run in Windows 7 or in Windows Server 2008 R2

2738974 Incorrect start time of Group Policy scheduled tasks on a client computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/?id=2738974

Update(s):
Microsoft.grouppolicy.reporting.resources.dll 6.1.7601.22078
Microsoft.grouppolicy.reporting.dll 6.1.7601.22078
Gpme.dll 6.1.7601.17514
Gppref.dll 6.1.7601.22078
Gpprefbr.dll 6.1.7601.22078
Gpprefcn.dll 6.1.7601.22078
Gpregistrybrowser.dll 6.1.7601.17514
Propshts.dll 6.1.7601.22078

Related list of hotfixes:
------------------------------
List of DFS related hotfixes post Service Pack 1 for Windows Server 2008 R2.
http://blogs.technet.com/b/yongrhee/archive/2011/10/21/list-of-dfs-related-hotfixes-post-service-pack-1-for-windows-server-2008-r2.aspx

List of DNS related hotfixes post SP1 for Windows Server 2008 R2 SP1
http://blogs.technet.com/b/yongrhee/archive/2012/02/18/list-of-dns-related-hotfixes-post-sp1-for-windows-server-2008-r2-sp1.aspx

List of Network related hotfixes post SP1 for Windows 7 SP1 and Windows Server 2008 R2 SP1
http://blogs.technet.com/b/yongrhee/archive/2011/06/12/list-of-network-related-hotfixes-post-sp1-for-windows-server-2008-r2-sp1.aspx

Comments
  • Very useful, thanks. Any chance the list will get updated?

  • Very useful thanks

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment