This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 31%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENN%3C/text%3E%3C/svg%3E)
Subject: Active Directory replication and secure channel failure – suspected link to recent KB updates
Hello,
I’m reporting a critical issue affecting our Active Directory infrastructure, which has occurred multiple times following cumulative updates on our two Windows Server 2025 Datacenter domain controllers (version 24H2): SERDC and SERDC2.
🔹 Environment:
🔹 Symptoms:
🔹 Timeline:
🔹 Actions taken:
🔹 Request:
We would like to know if this behavior is known, if a fix or official workaround exists, and whether the mentioned KBs could be involved.
We’ve included technical logs in the ZIP:
Thank you in advance for your assistance.
Best regards, Jean-Sébastien
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 91%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Hello, we are experiencing the exact same problem: after installing the October 2025 security updates, one of our Active Directory servers crashed. The server was completely reinstalled, and the other was not updated. Then we installed the November 2025 security updates, and the same problem occurred. We have three domain controllers: two running Windows Server 2022 and one running Windows Server 2025. Have you found a solution?
Thank you very much.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 62%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
Hi Jean Sébastien,
Based on your description, the replication failures, secure channel errors, and SYSVOL/DFS-R issues are consistent with some known cases following certain cumulative updates on Windows Server 2025 (24H2). However, the exact root cause is often environment- or configuration-specific.
Specifically:
From the logs you provided, the replication errors are consistent with secure channel and RPC connectivity issues between the DCs. A few recommended steps:
At this stage, this behavior is known but not widespread. Careful update management is key to preventing recurrence. I recommend testing these repair steps in a lab environment before deploying in production.
I hope this information is useful.. If it is, don't forget to "Accept the answer" so that others could benefit too. Thank you :)
Hello,
Thank you for your detailed reply — it’s much appreciated.
We’ve already tried the Test-ComputerSecureChannel -Repair -Credential command on both domain controllers, but unfortunately it didn’t resolve the issue. The secure channel remains broken, and replication errors persist.
Here’s a summary of our situation:
🔹 Environment:
🔹 Timeline:
🔹 Actions taken:
wuauserv servicerepadmin, DFS-R, and Netlogon logsWe suspect KB5070881 may be involved, but we’re not entirely certain. KB5067360 is marked as required and cannot be removed. The issue reappeared after updates were automatically re-enabled.
If Microsoft has documented any registry-based workarounds for KB5070881 in this type of AD topology, I’d be very grateful to receive those details.
Thanks again for your support.