Domain User Password Reset Loop After Server 2025 Upgrade

Posted by Tob3faiiir@reddit | sysadmin | View on Reddit | 8 comments

Coworker did an in place server OS upgrade last night on two domain controllers from Server 2016 to Server 2025. Everything appears to be working but some end users using Windows 10 systems are reporting issues of being stuck in a password reset loop. Resetting their password on the DC fixes it for them. Seems to be happening on all Windows 10 systems and Windows 11 systems that don't have the March 2025 CU installed. Anyone else come across this?

[-]

Inside_Negotiation_4@reddit

Update your DC and restart it.
I had the same issue last week; it's a bug in Windows Server 2025.

[-]

Tob3faiiir@reddit (OP)

Was it the March security update that resolved it for you?

[-]

CapableWay4518@reddit

There are documented processes for in place upgrades in domain controllers. Domain controllers are easy to rebuild. I would spin another up and point machines to it. If it fixes, replace the two upgraded dcs.

[-]

t3hWheez@reddit

Never in-place a fucking DC bro.. holy mother..

[-]

Unnamed-3891@reddit

That was a bit of a dumb move. There are multiple known problems with 2025 DC role specifically. Since you can't go back/restore from backup pre-upgrade, I would replace them 1 by 1 with server 2022 DCs. And I would do this within days at most.

[-]

BlackV@reddit

fingers crossed they did not raise domain functional levels

[-]

creenis_blinkum@reddit

Dumfuck coworker IMO

[-]

CPAtech@reddit

That sounds like a terrible idea.