Security hardening for Microsoft RPC Netlogon protocol

As part of our ongoing commitment to security, we’re introducing a hardening change to the Microsoft RPC Netlogon protocol. This update strengthens access controls by blocking anonymous RPC requests that could previously be used to locate domain controllers. This change is not configurable and cannot be reverted via policy.

When this will happen
  • This change was introduced in the July 2025 Windows security update for all supported versions of Windows Server from Windows Server 2008 R2 through Windows Server 2022.
  • For Windows Server 2025, the change was included in the February 2025 Windows security update and subsequent updates.

How this affects your organization
After installing the applicable Windows security update, Active Directory domain controllers will reject certain anonymous RPC requests made through the Netlogon RPC server. These requests are typically used for domain controller location and may impact interoperability with some third-party file and print services, including Samba.
 
If your organization uses Samba or similar services, you may experience disruptions unless those services are updated to comply with the new access requirements.

What you can do to prepare
  • Review your environment for dependencies on anonymous Netlogon RPC requests.
  • If your organization uses Samba, please refer to the Samba release notes for guidance on compatibility.
  • Test the update in a staging environment before broad deployment to identify any potential service disruptions.
 
Additional information
This change has been documented in the KB articles associated with the updates introducing the new security hardening:
 

Message ID: MC1113050

