Agents not communication after promoting a Server 2025 server to a domain controller

Anonymous
2024-12-11T14:53:30+00:00

I'm playing around with Server 2025 and when I promote it to a Domain Controller I've discovered 3 programs quit communicating.

  • Threatdown/Malwarebytes Agent is unable to report to the cloud
  • NinjaRMM agent is unable to report to the cloud
  • Xen Guest Tools are unable to report to a local xcp-ng/XOA host the memory usage

If I demote the server everything starts working as it should. I've tried temporarily disabling the built-in firewall, but that didn't help. I also rebuilt the server from the ground up and that didn't help.

I recently built a 2022 Domain Controller and haven't ran into any of these issues so I don't think it's an issue with my environment.

Update: I reached out to XOA and they had ran into this issue before. Setting the related services to Automatic (Delayed Start) "fixes" it. At least for Xen Guest Tools and Ninja. I need to reach out to Malwarebytes about setting their service as a delayed start.

Windows for business | Windows Server | Directory services | Active Directory

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments No comments
{count} votes

8 answers

Sort by: Most helpful
  1. Anonymous
    2024-12-12T01:59:16+00:00

    Hello,

    Thank you for posting in the Microsoft Community Forums.

    It sounds like you're encountering some compatibility or resource contention issues when promoting your Server 2025 to a Domain Controller. Since setting services to "Automatic (Delayed Start)" has helped with Xen Guest Tools and NinjaRMM, it's possible that these services are vying for resources or network connectivity prematurely, before certain domain-related services are fully operational.

    Here are a few suggestions that might help:

    1. Service Dependencies: Ensure that the services for Threatdown/Malwarebytes, NinjaRMM, and Xen Guest Tools have the appropriate dependencies set. This can ensure they start only after the essential domain services are up and running.
    2. Network Configuration:
      • Check the network configuration and DNS settings. Ensure the server can resolve DNS queries correctly and that there are no conflicts.
      • Make sure the Domain Controller's IP address is properly set and that there are no duplicate IP addresses in the network.
    3. Firewall and Security Policies:
      • Even though you mentioned the built-in firewall was temporarily disabled, ensure that there are no Group Policy settings being applied that might affect these services when the server becomes a Domain Controller.
      • Check any security software that might be running and see if there are any strict policies being enforced upon promotion.
    4. Event Logs:Investigate the Event Viewer for any warnings or errors related to these services. There might be additional clues as to why they are unable to communicate.
    5. Service Restart Sequence:Ensure that services that depend on network connectivity or domain services are set to start after those services are guaranteed to be online. This is where "Automatic (Delayed Start)" can be helpful, but you might also consider manually specifying the service start order if needed.

    I hope the information above is helpful.

    Best regards

    Yanhong Liu

    0 comments No comments
  2. Anonymous
    2025-01-16T15:28:51+00:00

    Google brought me here. I have similar problems.

    Once 2025 is a DC, no MSI installations work, can't install windows updates nor remove any. Can't uninstall anything either. Msiexec just hangs and does nothing.

    0 comments No comments
  3. Anonymous
    2025-01-16T16:58:39+00:00

    Google brought me here. I have similar problems.

    Once 2025 is a DC, no MSI installations work, can't install windows updates nor remove any. Can't uninstall anything either. Msiexec just hangs and does nothing.

    I seem to have narrowed this down to Atera!

    1 person found this answer helpful.
    0 comments No comments
  4. Anonymous
    2025-01-31T16:14:20+00:00

    Hello TunaNoCrust,

    We have been seeing the same issues on our first Server 2025 we deployed. As soon as the server was promoted to DC, nothing installed any more and lots of various errors and issues.

    We also have Atera running. Did you contact Atera helpdesk about this?

    Rgds,
    Kristof

    0 comments No comments
  5. Anonymous
    2025-01-31T16:33:16+00:00

    Hi Kristof,

    Yes, Atera are aware if it.

    Its not atera per say, but actually splashtop (which is installed as part of atera).

    We have been given he following 'workaround' for the time being:

    REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\ATERA Networks\AlphaAgent" /v DisableRemote /d True /t REG_SZ /f sc stop AteraAgent && sc start AteraAgent

    This stops Splashtop trying to install.

    Obviously you then can't access the server via splashtop. Anydesk works.

    In our case, its a VM anyway so we can access it from Hyper Visor.

    I believe a fix is being worked on.

    1 person found this answer helpful.
    0 comments No comments