Domain Joining Issue Resolved

To use this new Group Policy, the domain controller and the member computer must consistently have the March 14, 2023, or later update installed. Some of you might have particular accounts that you use in automated computer account creation. If those accounts are safe from abuse and you trust them to create computer accounts, you can exempt them. You will still be secure against the original vulnerability mitigated by the October 11, 2022, Windows updates.

We also plan to remove the original NetJoinLegacyAccountReuse registry setting in a future Windows update. This removal is tentatively scheduled for the update dated September 9, 2023. Release dates are subject to change.

Note If you deployed the NetJoinLegacyAccountReuse key on your clients and set it to value 1, you must now remove that key (or set it to 0) to benefit from the latest changes.

——————————————————————————————————————————

Because of the new Group Policy, you should no longer use the NetJoinLegacyAccountReuse registry key. We will preserve the key for the next six (6) months in case you need workarounds. If you cannot configure the new GPO in your scenario, we strongly encourage you to contact Microsoft Support.

Path: –    HKLM\System\CurrentControlSet\Control\LSA

Type: –    REG_DWORD

Name: –   NetJoinLegacyAccountReuse

Value: –  1

Note Microsoft will remove support for the NetJoinLegacyAccountReuse registry setting in a future Windows update. This removal is tentatively scheduled for the update dated September 9, 2023. Release dates are subject to change.