Share via

Windows Server 2025 DC User Logon Problems

Admin Jeff 0 Reputation points
2026-03-02T04:29:00.26+00:00

I have run into a problem with a Windows Server 2025 Std Edition Server and I am hoping someone can help resolve the issue, thanks for your help in advance.

We have a 2025 Std Server running as a member file server (physical Dell server) and it was running as a file server for the past several months - no problems what so ever.

Last weekend we upgraded the Active Directory of the network from 2012 R2 to 2016 and then promoted the 2025 server as a DC. All went well until a few hours later when trying to connect to the new 2025 server, either thru RDP or on the console, we only see a black screen with the mouse pointer (no explorer, desktop, nothing).

We have physically killed the power on it and remotely restarted it but still no logon screen when it starts up - just black background with mouse pointer. During the boot process we do see the normal windows logo appear and then the spinning circle but it never gets any further than the spinning circle, which ultimately goes away as well to simply a black empty screen.

The server seems to be running fine - Active Directory syncs, DNS, file replication, file shares, etc all are working. I can do "some" remote management like accessing the Services, AD, DNS, remote Registry from another server but most remote management access like Event Viewer is not able to connect. I was also not able to add this server to another Server 2025 server manager.

Has anyone else experienced this and if so, have a fix? Figured I would check the community before opening a Microsoft case.

Thanks!

Jeff

Windows for business | Windows Server | Directory services | User logon and profiles
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harry Phan 15,915 Reputation points Independent Advisor
    2026-03-02T06:21:08.9966667+00:00

    Hi Jeff, what you’re describing is a known post‑promotion issue where the server services continue to run but the interactive logon shell fails to load. On Windows Server 2022/2025 this is most often tied to the “black screen with cursor” condition caused by either a corrupted profile initialization, a stuck explorer.exe launch, or a GPU/display driver conflict after the role change. Since AD, DNS, and replication are functioning, the OS kernel and services are fine; the problem is isolated to the Winlogon/UI stack.

    The first thing to try is booting into Safe Mode with Networking and checking whether the desktop loads. If it does, disable or update the display adapter driver and confirm that explorer.exe is set correctly under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell. Also check that the Userinit value points to C:\Windows\system32\userinit.exe,. If Safe Mode shows the same black screen, you’ll need to enable RDP with administrative credentials and run sfc /scannow and DISM /Online /Cleanup-Image /RestoreHealth to repair system files.

    If none of these steps restore the shell, the issue is likely tied to the promotion process itself. In that case, you should open a case with Microsoft Support, as there are documented instances where post‑promotion registry corruption or lingering GPO settings prevent the interactive shell from loading on Server 2025 DCs. Until resolved, the server will continue to function as a DC, but interactive logon will remain broken.

    If it's helpful to you, please give it a thump up or Accept the answer, appreciate it :)

    Harry.

    0 comments
  2. Q&A Assist
    2026-03-02T04:29:16.64+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Windows Server 2025 domain controllers can show symptoms where core DC services work (AD, DNS, replication, file shares) but interactive logon and some remote management tools fail or hang. One known, recently fixed issue affects Windows Server 2025 DCs after restart: the wrong firewall profile is applied, which can break or partially block RDP and management connectivity.

    On Windows Server 2025 domain controllers, after a restart the server can incorrectly use the standard firewall profile instead of the domain firewall profile. This can cause:

    • Remote Desktop to connect but hang or appear unusable
    • Remote management tools (like Event Viewer or Server Manager) to fail to connect
    • Services on the DC to be reachable in unexpected ways, or blocked when they should be allowed

    In this state, AD DS and DNS can still function, so the DC appears healthy from a directory perspective, but interactive logon and management are impaired.

    To restore expected behavior on an affected DC:

    1. Restart the network adapter on the Windows Server 2025 DC. For example, from an elevated PowerShell session on that server (locally or via remote PowerShell): 
         Restart-NetAdapter *
      This forces the correct domain firewall profile to be applied and typically restores normal connectivity and management behavior.
    2. Because the issue reoccurs every time the DC is restarted on affected builds, configure an automated workaround until the permanent fix is installed. For example, create a scheduled task that runs at startup to execute Restart-NetAdapter * so the adapter is restarted automatically after each reboot.
    3. Install the June 2025 Windows security update or later on the Windows Server 2025 DC. The issue is fully resolved in:
      • KB5060842 (OS Build 26100.4349) and later updates.
      After installing KB5060842 or a newer cumulative update and rebooting, the DC will correctly apply the domain firewall profile on startup and the workaround (adapter restart) is no longer required.

    Summary of recommended actions for the described symptoms:

    • On the affected Windows Server 2025 DC, restart the NIC (Restart-NetAdapter *) to immediately restore proper behavior.
    • Implement a startup scheduled task to restart the NIC after each reboot if running a pre‑KB5060842 build.
    • Patch the server to at least the June 2025 security update (KB5060842) so the problem is permanently fixed.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.