Forum Discussion
WS2025 Preview (26100.1) fails to boot after joining WS2016 forest
I installed WS2025 Preview (Datacenter, 26100.1) in a virtual machine and after joining the domain, the box is rendered unbootable (boot loops). I can reinstall and do other tasks as a standalone server with no problem but joining the domain immediately bricks the VM, 100% of the time.
The forest is running at functional level WS2016. I disabled all GPs and verified with gpresult they are not applied.
Safe mode boots if you need me to poke around. Am working to get a kernel debugger attached.
No memory dump is generated and disabling reboot on errors yields nothing.
11 Replies
Hello,
Same problem with forest in 2012.
We found that the problem does not occur with AMD-based instances, only with Intel EC2 instances.
An Intel instance such as m5.xlarge can join the domain but after a manual reboot, the instance blocks at boot without visible log and AWS displays a status of 2/3 valid checks.
If we transform the instance into m5a.xlarge the instance can boot and operate in the domain again.
We have not really found an explanation for this behavior, as if joining a domain with Intel CPU blocked the instance from booting when no GPO is applied.
With WS 2022, we have no problem, only 2025 with Intel CPU...Confirmed the instance type change works! Went from t3 to t3a, success. Wow. Great catch!
We've the same Error. Setup the actual "Microsoft Windows Server 2025 Base" AMI (ami-01f52dc9cb63c603a) in EC2 and the Server works and reboots fine as long as we keep it as a standalone Server. As soon as we join the Domain the Server is stuck in the mentioned reboot loop. Out Domain is currently 2016 functional level.
Opened a ticket @ AWS Support, they mentioned the EC2Rescue Tool and I've analyzed a failing instance but there are no Eventlog Entries from the failed boots so it seems to occur before the eventlog Service starts (the reboot happened very fast tough).
As this Thread is from June 2024 I don't think there will be a solution soon....
ReachdpI'll try your settings with a Test server. Do you have a longer Time experience, that the Server runs stable? We are in the project to upgrade productive Servers....
By default 2025 boots UEFI boot mode an alternate is to use BIOS-Windows_Server-2025-English-Full-Base AMI to avoid this boot loop issue.
Some how credentials Gaurd is getting enabled but here is the work around to add below registries.
open elevated cmd or powershell prompt run reg add HKLM\System\CurrentControlSet\Control\Lsa /v LsaCfgFlags /d 0 /t REG_DWORD run reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard /v LsaCfgFlags /d 0 /t REG_DWORD
Ensure the cmd operation completes successfully for both commands then proceed with joining domain. Give thump up if it worksWorked great! Big thanks!
I've just upgraded forest and domain functional level to 2025 and provisioned anew EC2 instance, joined to the AD domain and same issue, get stuck in the AWS Logo
same issue here, I've actually built a new 2025 EC2 instance, created a new forest (with domain and forest functional level in 2016), rebooted a couple of times and is working, i've created another EC2 instance with 2025, joined to the built-from-scratch AD domain, rebooted twice and it get's stuck in the AWS logo.
Not sure what is the component failing here.
With the final version (26100.1742) available, I would try installing that updated version, and then join to the domain and see if you get better results. If you have access to Visual Studio downloads or the Volume License portal on M365 admin center, you can get an updated ISO at the October (RTM) patch level.
Seeing the similar issue in AWS Ec2 instance for windows server 2025, and it goes to boot loop and shows AWS logo
While attempting to fix bcedit it had thrown the error- the boot configuration data store could not be opened. access is deniedWithinRafael Which hypervisor is your VM running on?
