GoKawiilMicrosoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update.
Windows Server 2016 reached the end of mainstream support in January 2022, but Microsoft has pushed back the extended support end date by 5 years to allow customers to migrate to newer Windows Server versions.
As the company explained in an updated support document, this affects only devices with hostnames exactly 15 characters long.
"After installing this update, domain controller discovery might fail on Windows Server 2016 systems when the server hostname is 15 characters long," Microsoft said.
"When the hostname is 15 characters long, DCLocator calls (for example, using nltest /dsgetdc:<domain> /pdc) will return ERROR_INVALID_PARAMETER, preventing applications and administrative tools from locating a domain controller."
Microsoft also noted that this known issue may also affect certain administrative scenarios that require access to a domain controller.
"As a result, administrative operations that rely on domain controller lookup might fail, impacting scenarios such as DFS Namespace management," it noted.
The company is now investigating the domain controller lookup issues and has not yet provided a timeline for resolving them.
In recent weeks, Microsoft has also confirmed Windows Update failures after installing the January 2026 optional non-security preview updates in restricted network environments, as well as Windows 11 security update deployment issues due to insufficient free space on the EFI System Partition (ESP).
Last month, it warned admins that some Windows Server 2025 devices may boot into BitLocker recovery and released emergency out-of-band updates to fix issues causing Windows Server systems with domain controller roles to enter a restart loop.
... continue reading