This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 42%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDT%3C/text%3E%3C/svg%3E)
We have two Domain Controllers. On (only one) of them, everything regarding AD sometimes freezes for over 10 seconds before being responsive again. This includes for example
The problematic domain controller is Windows Server 2016. If you work in the console actively, everything will be smooth. But leave it in the background for 10 minutes and try to click something, we get the freeze for 10 seconds.
I have cleaned up errors from the eventlog and ran repair commands like "sfc /scannow", also made sure that AD is healthy via dcdiag and the likes. However I cannot seem to find the reason for why this is happening. Any ideas?
Hello Gary,
the problem really seems to have gone away with the latest Windows Updates (I think it was cumulative Update 2021-09). The console now does not freeze anymore if left idle.
The problematic DC is indeed a physical one.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 45%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJV%3C/text%3E%3C/svg%3E)
Check power options. Check the CPU/memory usages during the time of issue, keep the task manager running and keep it idle for 10-15 minutes and try clicking on anything see if the CPU/Mem/Disk usages are higher?
A couple of questions and possible suggestion.
Which DC is the PDC? Is the domain controllers that is having the issue at a remote site on a WAN link? It might be the case that WAN link has been dropped by the routers and the 10 sec delay is the time taken to bring the link back up and delay waiting for the PDC to respond. One way to test this scenario, is leave the console for 10mins and then rather than trying to use the console, try ping the other DC which will activate the link and be used to also check if there is a delay getting the ping responses.
Gary.
All FSMO roles are taken by the problematic DC. They reside in the same LAN both, also this AD does not have any remote sites. I would have loved to also try the task manager monitoring, however I could not reproduce the problem today, which is weird. Maybe it went away, we applied Windows Updates yesterday?
Hi David,
Yep sounds a little wierd, but if you are able to reproduce the problem, it might be worth trying to understand if the delay is only impacting the foreground processes or both the foreground and background processes, i.e. does the DC still respond LDAP\AD request from network clients?
One other question while I think about, are the DCs physical or virtual, if virtual, are the resources over committed on the host?
Gary.
Hi David,
Just checking in to see if you managed to reproduce the issue, or resolve it?
Gary.