KB4497935 for Windows 10 v1903 causes MIT Kerberos realms to fail
According to Microsoft’s description in the update log status page, there is a new known bug in the current cumulative update for Windows 10 Version 1903. This problem can cause the Kerberos domain to fail to connect properly. This is a bug caused by the cumulative update that Microsoft introduced last month. Affected include domain members controlled by the Kerberos domain and domain control devices. Simply put, this protocol is completely unusable.
According to Microsoft’s announcement, this problem cannot be completely fixed. Microsoft wrote:
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.Note If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.