Windows Server 2025: Domain Controller no longer accessible after restart

Small addendum to a topic that has been sitting here for a few days. On April 11, 2025, Microsoft confirmed a new problem with Windows Server 2025 in connection with Active Directory domain controllers (DCs). After restarting the server operating system, the DC is no longer accessible. This is probably due to incorrectly assigned Windows Firewall profiles after each restart.

On April 11, 2025, Microsoft posted the support article "Domain controllers manage network traffic incorrectly after restarting" under Known Issues in the Release Health status section of Windows Server 2025.

Issues with DCs after restart

The support article states that Windows Server 2025 domain controllers (e.g. servers hosting the Active Directory domain controller role) may not manage network traffic correctly after a restart. As a result, Windows Server 2025 domain controllers may not be reachable in the domain network, or they may be incorrectly reachable via ports and protocols that the domain firewall profile should otherwise block.

Incorrect firewall profile for the DC is the cause

Microsoft writes that this problem results from the fact that domain controllers (DCs) do not use a domain firewall profile when they are restarted. Instead, the default firewall profile is used. The immediate consequence is that applications or services running on the domain controller or on remote devices may fail or remain unreachable in the domain network.

Microsoft's developers are working on a solution and want to correct this at some point with an update. Until then, affected administrators must apply the following workaround each time they restart a Windows Server 2025 machine that acts as a DC.

Workaround: Restart the network adapter

Microsoft has suggested a temporary workaround for those affected. Administrators can restore the expected behavior by restarting the network adapters. This can be done manually in various ways, e.g. with the following command via PowerShell:

Restart-NetAdapter *

The problem is that the error recurs each time the Windows Server 2025 machine acting as a domain controller is restarted. Microsoft suggests setting up the workaround as a scheduled task that restarts the network adapter each time the domain controller is restarted.
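One way to build such a scheduled task, as an added example (not Microsoft's or this blog's script): the task runs at startup as SYSTEM, restarts the adapters only if a network is not on the domain profile, and logs the resulting profile so you can verify that the workaround took effect. The task name, folder, file names and the delay values are assumptions.

```powershell
# Added example. Run once, elevated, on the affected domain controller.
# Assumed names: folder, script file, log file and task name are placeholders.
$Folder     = Join-Path $env:ProgramFiles 'DcFirewallProfileFix'   # writable by admins/SYSTEM only
$ScriptPath = Join-Path $Folder 'Repair-DcFirewallProfile.ps1'
$TaskName   = 'Repair-DcFirewallProfile'

# Check script executed at every boot (single-quoted here-string: written literally).
$check = @'
$log = Join-Path $PSScriptRoot 'profile-check.log'
# A DC should report DomainAuthenticated; Public/Private means the wrong firewall profile is active.
$wrong = Get-NetConnectionProfile | Where-Object { $_.NetworkCategory -ne 'DomainAuthenticated' }
if ($wrong) {
    "$(Get-Date -Format o) wrong profile on: $($wrong.InterfaceAlias -join ', '), restarting adapters" |
        Add-Content -Path $log
    Restart-NetAdapter -Name '*'
    Start-Sleep -Seconds 30        # assumed wait for network location detection to rerun
}
# Record the state after the check so a failed workaround is visible in the log.
Get-NetConnectionProfile | ForEach-Object {
    "$(Get-Date -Format o) $($_.InterfaceAlias): $($_.NetworkCategory)"
} | Add-Content -Path $log
'@

New-Item -ItemType Directory -Path $Folder -Force | Out-Null
Set-Content -Path $ScriptPath -Value $check -Encoding UTF8

$action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
                 -Argument "-NoProfile -File `"$ScriptPath`""
$trigger   = New-ScheduledTaskTrigger -AtStartup
$trigger.Delay = 'PT60S'           # assumed delay so the network stack is up before the check
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest

Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
    -Principal $principal -Force
```

Because the task runs as SYSTEM, keep the script in a folder that only administrators can write to, as above.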


5 Responses to Windows Server 2025: Domain Controller no longer accessible after restart

  1. Anonymous says:

    This has been an issue since the betas!

  2. SM says:

    That was already the case with the 2022 server. Thank goodness it still worked if you stored the dependencies with the NLA service. That no longer helps with 2025.
    It's really unfortunate that Microsoft shows no interest in fixing the error. After the "Best Practices" say that you should always use 2 DCs, it kind of makes sense that Microsoft doesn't care. They want you to buy 2 server licenses if you use a smaller environment where in addition to AD you only run a small database for an industry software and file server services.

  3. Tom says:

    It impacts Windows Server 2019 AD DC as well with the latest updates from June 2025 (June 10, 2025, KB5060531, OS Build 17763.7434). Restart-NetAdapter * doesn't solve the issue. WTH!? Microsoft.
