If using customization specs (sysprep) or templates in a virtualized environment, ensure the "Generate new identity" options are used so SIDs/UUIDs are unique. We only had issues with servers running on VMware, which also had identical SIDs (due to a failure in the cloning process), after applying the KB update. Uninstalling the update helped, but what we finally did was reinstalling the VM's affected, this means using sysprep and reinstalling the OS, software etc etc. I believe this tool was used on some servers (https://www.stratesave.com/html/sidchg.html), but we did fresh installs on SQL Server clusters to avoid any issues down the road (supportability etc).
KB5065426 Security update - SQL Server Failover cluster (AlwaysOn) problems
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 97%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E2%3C/text%3E%3C/svg%3E)
24551988
25
Reputation points
Hi. Has anyone else experienced problems after the september KB installation on Windows Server 2025 ? We are running SQL Server 2022 in a Always-On scenario with Failover cluster on two nodes. After the installation, we are unable to connect to the cluster, Failover Cluster manager on both nodes dot not recognize the cluster and communication between sql server nodes fails with: SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. Also we see the following events in system-log: Event 6167, LSA (LsaSrv): There is a partial mismatch in the machine ID. This indicates that the ticket has either been manipulated or it belongs to a different boot session. Failing authentication. Uninstalling the KB fixes all problems.
SQL Server Database Engine
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 74%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFK%3C/text%3E%3C/svg%3E)
Francisco Künzi 5 Reputation points2025-09-18T14:21:37.9833333+00:00 We've got the same event you're describing. On our side it happens because the client connecting to the host have both the same Machine-SID (this SID is not given/created by a domain-join).
This usually happens because one machine has been setup from a clone of the other machine, or both machines have been setup using a clone from one machine.
Also only happens if both machines are running 21600.6584
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 5%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Martin Henriksen 0 Reputation points2025-09-22T13:45:31.4233333+00:00 I did experience the same issue after installing this KB and can confirm uninstalling it works.
If MS supports sees this, please investigate and solve this issue.
-
Erland Sommarskog 127.7K Reputation points MVP Volunteer Moderator2025-09-22T20:53:28.33+00:00 It is unlikely that concerned persons at Microsoft sees this. I think that the best way to bring attention is to open a support case. While uninstalling the KB solved the immediate problem, it is not really a long-term solution.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 25%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKN%3C/text%3E%3C/svg%3E)
Kirk Newson 5 Reputation points2025-09-22T21:38:08.3766667+00:00 I have experienced this also. It was caused by an issue where VMWare did not properly generalise our Server 2025 template and it's clones. We are still digging to find why but I suspect it is due to creating the template before official OS support was installed on the cluster - VMWare 8.0U1 and the associated vTools.This update appears to enforce Machine-ID checking. So, it is not a Microsoft issue. It is a user issue for not properly cloning Drives.
You will need to run sysprep on your machines and reconnect them to the domain etc. WARNING you need to understand the implications for this. Sysprep on a Prod server will cause destructive results so test it first and proceed with caution.
If anyone has a less intrusive method to reset machine-IDs?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 12%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Dan Benson 0 Reputation points2025-09-25T15:46:25.5133333+00:00 @Kirk Newson We have this issue with our SQL replication server (without failover clustering), but I checked into the VM machine-ID, and I found all of my server to have unique ids. I'm not sure how far this tracks in terms of finding a solution, but I wanted to add my findings.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 33%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
Trevor Harris 0 Reputation points2025-10-04T23:46:22.5266667+00:00 Definitely isn't a VMWare issue. have the same issue with my Proxmox VMs suddenly.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 17%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Adnan Rana 0 Reputation points2025-10-14T17:50:36.95+00:00 Same issue here. I've VMware template from which I created 2 VMs. App and SQL Server (SQL was installed fresh after the VM was created from template). Both VMs have unique SID and unique UUID
SID Check from Domain Controller using the command
get-adcomputer <VM-Name> -prop sidUUID check from the VM itself using the command
wmic path win32_computersystemproduct get uuidWhen I try to connect from App server to SQL, I get the error Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication. (Framework Microsoft SqlClient Data Provider)
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 12%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDH%3C/text%3E%3C/svg%3E)
Dusty Huntington 0 Reputation points2025-10-27T16:06:33.8133333+00:00 Has anyone come up with a work around or resolution to this? We have the same issue where the September CU breaks our availability groups. Actually it appears to break Windows Failover Clustering, which in turn breaks the AG's.
-
Dusty Huntington 0 Reputation points
2025-10-27T17:55:40.24+00:00 Well it looks like Microsoft acknowledges the issue, but the fix isn't so easy.
https://betanews.com/2025/10/22/microsoft-says-windows-update-may-have-caused-login-problems/
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 28.999999999999996%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Singam shetty Sri ganesh 80 Reputation points Microsoft External Staff Moderator2025-10-31T04:30:15.99+00:00 Hello @24551988,
Hope everything’s going great with you. Just checking in has the issue been resolved or are you still running into problems? Sharing an update can really help others facing the same thing.
Thank you.
Sign in to comment
Answer recommended by moderator