We currently have a single domain with 2 domain controllers. One DC is running Server 2012R2 and the other is running Server 2016. I am in the process of upgrading all of our servers to Server 2019. The DCs are some of the last servers to be done. I built up a new server in VMware and loaded Server 2019 Datacenter. I have it on the network and fully patched. I joined it to the domain. I went to Server Manager -> Add Roles and Features -> and selected Active Directory Domain Services and clicked next. The Roles and Feature installer added DNS and proceeded to install everything and rebooted. After reboot, Server Manager said I need to Promote to a Domain Controller so I clicked the button and went through the steps and entered a DSRM password. Server rebooted when everything was complete.
When I go to the virtual machine console, I cannot log into the server. It says "Incorrect password". I know the password is correct because I can log onto other servers using the same credentials. If I try to use any domain account, I get the same message. If I try to use RDP to log in, I get the same message. I can connect to the server using Server Manager or Powershell and manage it that way so I know authentication is working. I have built two different servers and had the same issue both times. Using Server Manager I removed the Active Directory Domain Services role and after the server rebooted, I was able to log in again. I added the role again and had the same result.
I am at a loss on this. Searching the Internet hasn't produced any useful answers.