Domain Controller Archives

Winsage

April 15, 2025

Windows Server 2025 may lose DC connectivity after restart

Microsoft has warned about potential accessibility issues with Windows Server 2025 domain controllers after a restart, where affected servers revert to the default firewall profile, disrupting applications and services. A temporary workaround involves manually restarting the network adapter on the impacted servers using the PowerShell command: Restart-NetAdapter *. This workaround needs to be reapplied after each restart of the domain controller, and Microsoft recommends setting up a scheduled task to automate this process. Windows Server 2025, launched earlier this year, introduced new features and security enhancements but has faced previous issues, including freezing Remote Desktop sessions and accidental upgrades from Windows Server 2022. Developers are currently working on a permanent solution for the domain controller issue.

Winsage

April 14, 2025

Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller

Microsoft has warned IT administrators about a significant issue affecting Windows Server 2025 domain controllers, which may struggle to manage network traffic after a system restart. This problem arises because the domain controllers revert to the standard firewall profile instead of the required domain firewall profile, leading to potential inaccessibility on the domain network, application failures, and open ports that could pose security risks. The issue specifically affects Windows Server 2025 systems with the Active Directory Domain Services role, while client systems and earlier server versions remain unaffected. To address this, Microsoft recommends a temporary workaround: manually restarting the network adapter using PowerShell with the command Restart-NetAdapter * after each reboot. Administrators are advised to create a scheduled task for automation, monitor domain controllers for disruptions, and minimize unnecessary restarts. Microsoft is working on a permanent fix, with an update expected in the future.

Winsage

April 14, 2025

Windows Server 2025 domain controllers may lose connectivity after reboot, says Microsoft

Microsoft has alerted IT administrators about potential connectivity issues with Windows Server 2025 domain controllers after a restart, which may lead to network disruptions and unauthorized access. Applications and services relying on these domain controllers could fail or become unreachable. IT administrators are advised to exercise caution when planning server restarts.

Winsage

April 14, 2025

Microsoft: Windows Server 2025 restarts break connectivity on some DCs

Microsoft has warned IT administrators about a potential issue with Windows Server 2025 domain controllers (DCs) becoming inaccessible after a restart, due to defaulting to the standard firewall profile instead of domain-specific settings. This mismanagement can lead to DCs being unreachable on the domain network or improperly accessible through restricted ports and protocols. A workaround involves manually restarting the network adapter on affected servers after each reboot, and Microsoft recommends setting up a scheduled task for this. The company is working on a permanent solution for a future update. Additionally, Microsoft has alerted users to another issue with Windows Hello logins related to the KB5055523 April 2025 security update and has implemented a fix for authentication issues with Credential Guard and the Kerberos PKINIT pre-auth security protocol.

Winsage

March 26, 2025

Microsoft: Recent Windows updates cause Remote Desktop issues

Microsoft has informed users about issues with Remote Desktop and Remote Desktop Services (RDS) connections after recent Windows updates since January 2025. Users may experience unexpected disconnections during Remote Desktop Protocol (RDP) sessions following the January preview update (KB5050094) and the March 2025 security update (KB5053598). Specifically, users connecting from Windows 11 24H2 PCs to RDS hosts on Windows Server 2016 or earlier may be disconnected after about 65 seconds. Microsoft has introduced a solution through its Known Issue Rollback (KIR) feature, requiring administrators to install and configure the Windows 11 24H2 and Windows Server 2025 KB5053598 250314_20401 KIR group policy. A restart of affected devices is necessary to apply the new settings. A permanent fix will be included in a future Windows update.

Winsage

March 12, 2025

Microsoft: Recent Windows updates make USB printers print random text

Microsoft has acknowledged an issue affecting certain USB printers after the installation of Windows updates since late January 2025, impacting users on Windows 10 (version 22H2) and Windows 11 (versions 22H2 and 23H2). The latest Windows 11 version 24H2 is unaffected. Users may experience unexpected behavior with dual-mode printers using USB Print and IPP Over USB protocols, leading to random text and data being printed, including network commands. This issue arises from the interaction between the print spooler and the printer driver. Microsoft has implemented a solution through its Known Issue Rollback (KIR) feature, which will be automatically rolled out in an upcoming update. IT administrators are advised to install specific group policies to address the issue. Additionally, Microsoft lifted a compatibility hold for some AutoCAD users upgrading to Windows 11 24H2 due to previous launch and crash issues.

Winsage

December 21, 2024

How to setup IPAM on Windows Server

IP Address Management (IPAM) in Windows Server automates and centralizes the management of IP address infrastructure, allowing administrators to monitor, manage, and audit DHCP and DNS servers. Setting up IPAM involves several steps: verifying prerequisites (supported Windows Server version, active directory domain, and operational DHCP/DNS roles), installing IPAM through Server Manager or command prompt, configuring IPAM for file sharing and access settings, configuring server discovery, and managing servers and settings. To add an IP address to IPAM, users access the IPAM console, navigate to the IP Address Space section, select the desired IP Address block, and provide necessary details before saving the changes.

Winsage

December 16, 2024

The Windows Concept Journey

Active Directory (AD) is a hierarchical database that stores information about network objects such as users, computers, printers, and shared resources. Key components of AD include the schema, global catalog, query and index mechanism, and replication service. Management is typically done through the "Active Directory Users and Computers" snap-in, which enhances security and supports authentication federation. The AD database is stored in a file called "ntds.dit" on the Domain Controller (DC). Best practices for securing AD include patching, monitoring, and recovery planning. Remote access to the AD database is enabled through the Lightweight Directory Access Protocol (LDAP) over TCP port 389 or port 636 for secure LDAP (LDAPS).

Winsage

October 31, 2024

Microsoft fixes Windows 10 bug causing apps to stop working

Microsoft has addressed an issue affecting the launch of certain applications on Windows 10 22H2 systems for non-administrative users, which arose after the September 2024 preview cumulative update (KB5043131). The problem involved child processes of applications running at low Integrity levels instead of the required medium levels, impacting applications like Quick Assist, Microsoft Teams, and Windows Narrator. This issue occurs when applications with UIAccess=true attempt to run under non-admin accounts. Affected applications are typically launched from secure directories, including ProgramFiles, %systemroot%system32, and %systemroot%syswow64. Microsoft is rolling out a Known Issue Rollback (KIR) to resolve the problem, which will automatically propagate to home and non-managed enterprise devices within 24 hours. For enterprise-managed devices, administrators must apply the KIR Group Policy via the Group Policy Editor and restart affected devices. Microsoft has previously used KIR to address issues on Windows Server 2019 and Windows 11 systems.

Winsage

October 25, 2024

Windows Server 2025 Insider Preview build 26311 is now available

Microsoft has released Windows Server build 26311 for the Windows Server Insider Program, branding it as Windows Server 2025. The change log for build 26311 is similar to build 26304 and includes the Windows Defender Application Control for Business (WDAC), which enhances security by enforcing a list of authorized software. The Windows Server 2025 Security Baseline Preview allows users to apply over 350 preconfigured security settings categorized by server roles: Domain Controller, Member Server, and Workgroup Member. Known issues include incorrect labeling for the flight, problems with WinPE PowerShell scripts, intermittent upgrade failures from Windows Server 2019 or 2022, issues with archiving event logs, and installation recommendations related to Secure Launch/DRTM. Downloads are available in various formats, but may not be accessible in certain regions due to Microsoft's sales suspension in Russia. The preview is set to expire on September 15, 2025.