Microsoft KB3002657 Breaks Active Directory Authentication

Dear Clients and Friends,

We recommend that you block the installation of Microsoft KB3002657 security update because it breaks Active Directory authentication.    We ran into a couple of issues with this update this morning.  The first issue was that Outlook 2013 users connecting to Exchange 2013 kept getting prompted to provide their credentials and they could not successfully log on.   The second issue was with Okta.  Okta users could no longer do single-sign-on through Active Directory.  After speaking with Microsoft technical support, we were advised to remove KB3002657 from all the Exchange and domain controllers.  After rebooting those servers, Outlook users were able to logon to Outlook and Okta users were able to perform single-sign-on.

You can read about how this update is affecting Isilon FS users at


Marco Alcala

Marco Alcala


Marco Alcala was born in Santa Monica, California.  While growing up, he became fascinated with computers, and this interest led him to eventually start a business to help his clients manage their information technology and cybersecurity programs.  When he is not working, he is working out, cooking, reading, dancing, or spending time with his children.