Unable to log on to Domain Controller after reboot

Enrico Zocca 11 Reputation points
2020-09-24T11:00:17.843+00:00

Hello, in a large AD environment we have the same issues reported on the page below:

https://social.technet.microsoft.com/Forums/en-US/912d062b-3168-4782-a128-604223fd0636/unable-to-log-into-domain-controller-after-reboot?forum=ws2016

Often when I reboot a domain controller in a branch office I'm not able to log on, with the same issue:

System is restarted using the restart option in Windows. Server appears to start normally. Press CTRL-ALT-DEL to get a login prompt. User is administrator (or any other domain admin account), enter password and hit enter or click the arrow. The cursor is moved back to the beginning of the password field and the previously entered password remains.

This issue seems to have started happening after we raised the domain functionality level from 2003 to 2008 R2. Note: PDC is still on 2008 R2.
After that there is no way to log on to the DCs; only after many, many reboots does the server accept credentials. Same issue if I try to isolate the domain controller from the network.
New domain controllers are also affected by this problem; immediately after promotion we are still not able to connect.

Same errors in the event viewer as reported on the thread.

We have been working around this issue for many days; time is correct on every DC.

Thanks in advance for the help to resolve this issue.
Enrico Z.


Windows Server 2012
Active Directory
Windows Server Security

8 answers

  1. Enrico Zocca 11 Reputation points
    2020-09-28T10:22:27.177+00:00

    Hello @Daisy Zhou

    1. Do you install any third-party apps or programs on all the 2012 R2 DCs? No, AV was removed for test purposes.

    2. Or do you run any third-party services on all the 2012 R2 DCs? No.

    3. Do you install all the updates on all the 2012 R2 DCs? Yes, because production DCs are up to date, and no, we also test with a fresh installation without patches.

    4. Do you install the same image for these 2012 R2 DCs? Fresh install with 2 different ISOs.

    5. Are all these 2012 R2 DCs running the same operating system (run winver to check)? Yes.

    Thank you
    Enrico


  2. Enrico Zocca 11 Reputation points
    2020-09-30T10:40:12.533+00:00

    No, we don't want to add a 2016 DC because it requires a schema extension and, at this moment, we wouldn't like to create a new point of failure. Does anyone have this kind of issue? Could you please give us some help to open a case?

    Regards
    Enrico Zocca


  3. Juan Manuel Brion 0 Reputation points
    2024-08-20T15:23:06.2933333+00:00

    Hey Guys,

    Any solution here? We are facing the same problem right now with DC 2012 R2.

    Thanks
