Microsoft: Domain Controller lookup may fail on Windows Server 2016

Recorded: May 26, 2026, 1:16 p.m.

Original

News

Featured
Latest

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

Laravel Lang packages hijacked to deploy credential-stealing malware

Netherlands seizes 800 servers of hosting firm enabling cyberattacks

Ubiquiti patches three max severity UniFi OS vulnerabilities

Microsoft Defender can now automatically isolate hacked endpoints

Webinar: Too many tools are slowing network incident response

This lifetime PDF editor is just $65 with code SAVE5 through 5/31

CISA orders feds to patch actively exploited Drupal vulnerability

Tutorials

Latest
Popular

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Webinars
Downloads

Latest
Most Downloaded

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

Deals

Categories

eLearning

IT Certification Courses

Gear + Gadgets

Security

VPNs

Popular

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Forums
More

Virus Removal Guides
Startup Database
Uninstall Database
Glossary
Send us a Tip!
Welcome Guide

HomeNewsMicrosoftMicrosoft: Domain Controller lookup may fail on Windows Server 2016

Microsoft: Domain Controller lookup may fail on Windows Server 2016

By Sergiu Gatlan

May 26, 2026
03:41 AM
0

Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update.
Windows Server 2016 reached the end of mainstream support in January 2022, but Microsoft has pushed back the extended support end date by 5 years to allow customers to migrate to newer Windows Server versions.
As the company explained in an updated support document, this affects only devices with hostnames exactly 15 characters long.
"After installing this update, domain controller discovery might fail on Windows Server 2016 systems when the server hostname is 15 characters long," Microsoft said.
"When the hostname is 15 characters long, DCLocator calls (for example, using nltest /dsgetdc:<domain> /pdc) will return ERROR_INVALID_PARAMETER, preventing applications and administrative tools from locating a domain controller."
Microsoft also noted that this known issue may also affect certain administrative scenarios that require access to a domain controller.
"As a result, administrative operations that rely on domain controller lookup might fail, impacting scenarios such as DFS Namespace management," it noted.
The company is now investigating the domain controller lookup issues and has not yet provided a timeline for resolving them.
In recent weeks, Microsoft has also confirmed Windows Update failures after installing the January 2026 optional non-security preview updates in restricted network environments, as well as Windows 11 security update deployment issues due to insufficient free space on the EFI System Partition (ESP).
Last month, it warned admins that some Windows Server 2025 devices may boot into BitLocker recovery and released emergency out-of-band updates to fix issues causing Windows Server systems with domain controller roles to enter a restart loop.
In April, Microsoft also finally addressed a bug that had been plaguing Windows servers since September 2024, causing devices running Windows Server 2019 and Windows Server 2022 to upgrade to Windows Server 2025 "unexpectedly."

The Validation Gap: Automated Pentesting Answers One Question. You Need Six.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.This guide covers the 6 surfaces you actually need to validate.
Download Now

Related Articles:
Microsoft releases emergency updates to fix Windows Server issuesMicrosoft: Some Windows servers enter reboot loops after April patchesMicrosoft confirms April Windows updates cause backup failuresMicrosoft: April Windows Server 2025 update may fail to installMicrosoft: April updates trigger BitLocker key prompts on some servers

Domain Controller
Known Issue
Microsoft
Windows
Windows Server

Sergiu Gatlan
Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.

Previous Article
Next Article

Popular Stories

Laravel Lang packages hijacked to deploy credential-stealing malware

Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

Sponsor Posts

33% Rise in Healthcare Credential Theft in 2025: What you need to know

Protect Your Business from Ecommerce Fraud

Patch management isn't enough. See why privilege is defining security risk today.

Overdue a password health-check? Audit your Active Directory for free

Upcoming Webinar

Main Sections

News
Webinars
VPN Buyer Guides
SysAdmin Software Guides
Downloads
Virus Removal Guides
Tutorials
Startup Database
Uninstall Database
Glossary

Community

Forums
Forum Rules
Chat

Useful Resources

Welcome Guide
Sitemap

Company

About BleepingComputer
Contact Us
Send us a Tip!
Advertising
Write for BleepingComputer
Social & Feeds
Changelog

Username

Password

Remember Me

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...
SUBMIT

Microsoft has confirmed a known issue affecting Windows Server 2016 systems where domain controller lookups may fail following the installation of the KB5087537 May 2026 security update. This problem is specifically triggered when the server hostname has an exact length of fifteen characters. When this condition is met, calls to domain controller discovery utilities, such as DCLocator using commands like nltest /dsgetdc:<domain> /pdc, will return an ERROR_INVALID_PARAMETER error. Consequently, this failure prevents applications and administrative tools from successfully locating a domain controller. Furthermore, Microsoft noted that this issue can extend to administrative scenarios that depend on domain controller resolution, potentially impacting critical functions such as DFS Namespace management. Microsoft is currently investigating these domain controller lookup issues but has not yet provided a timeline for resolution.

Beyond this specific domain controller concern, the text references other related software and system issues Microsoft has addressed recently. This includes reports of Windows Update failures after installing optional non-security preview updates in restricted network environments, as well as difficulties in deploying Windows 11 security updates resulting from insufficient free space on the EFI System Partition. Additionally, Microsoft has issued emergency out-of-band updates to resolve issues where certain Windows Server systems with domain controller roles enter a restart loop while attempting to boot into BitLocker recovery. A previous bug that had persisted in Windows servers running Windows Server 2019 and Windows Server 2022, causing unexpected upgrades to Windows Server 2025, was also finally addressed in April.