Windows Server 2025 AD Synchronization Fails Due to Security Update

Microsoft’s October 2025 security update cycle introduced a problem for Windows Server 2025 administrators: under specific conditions, Active Directory (AD) synchronization fails. The issue affects organizations with large AD environments, where synchronization of directory data from on-premises servers to cloud services (via Microsoft Entra Connect Sync) can be left incomplete.

The failure is triggered when a synchronization cycle updates an AD security group with more than 10,000 members. The cycle then completes only partially or fails outright, so changes to user access and permissions managed through those large groups do not reach the cloud side.

Microsoft has confirmed the bug and provided a workaround for affected customers. The workaround is a manual Windows Registry change that disables the behaviour change introduced by the update: administrators create a new REG_DWORD value at the location Microsoft specifies, set its data to 0, and then restart the Microsoft Entra Connect Sync service or reboot the server for the change to take effect. As with any registry edit on a production directory server, record the existing state first so the change can be reverted once the permanent fix is installed.
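The workaround as a PowerShell procedure, added here as an example; it is not code from the article or from Microsoft's advisory. The registry key path and value name are left as mandatory parameters because the article does not name them: take both from Microsoft's published guidance. The check for groups over 10,000 members assumes the ActiveDirectory RSAT module is installed on the host, and ADSync is the Windows service name behind Microsoft Entra Connect Sync.

```powershell
# Added example, not from the original article or from Microsoft's advisory.
# $RegistryPath and $ValueName are PLACEHOLDERS: take the real key and value
# name from Microsoft's published workaround before running this.
#Requires -RunAsAdministrator
[CmdletBinding(SupportsShouldProcess)]
param(
    [Parameter(Mandatory)] [string] $RegistryPath,   # e.g. 'HKLM:\...' as given by Microsoft
    [Parameter(Mandatory)] [string] $ValueName,      # the REG_DWORD name as given by Microsoft
    [int]    $MemberThreshold = 10000,               # group size at which the bug triggers
    [string] $SyncServiceName = 'ADSync'             # service behind "Microsoft Entra Connect Sync"
)

# 1. Confirm the host is Windows Server 2025; the issue does not affect other platforms.
$os = (Get-CimInstance -ClassName Win32_OperatingSystem).Caption
if ($os -notlike '*Windows Server 2025*') {
    Write-Warning "This host reports '$os'; the workaround targets Windows Server 2025 only."
}

# 2. Find the groups that can trip the bug: security groups with more than 10,000 members.
#    Get-ADGroup -Properties member returns the full member attribute (ADWS does the ranged
#    retrieval), unlike Get-ADGroupMember, which is capped by MaxGroupOrMemberEntries (5000).
Import-Module ActiveDirectory -ErrorAction Stop
$largeGroups = Get-ADGroup -Filter 'GroupCategory -eq "Security"' -Properties member |
    Where-Object { $_.member.Count -gt $MemberThreshold } |
    Select-Object Name, DistinguishedName, @{ n = 'Members'; e = { $_.member.Count } }

if (-not $largeGroups) {
    Write-Host "No security groups exceed $MemberThreshold members; this environment is unlikely to be affected."
} else {
    $largeGroups | Format-Table -AutoSize
}

# 3. Record the current state so the change can be reverted when the permanent fix ships.
$existing = Get-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue
if ($existing) {
    Write-Host "Existing '$ValueName' = $($existing.$ValueName); saving a copy under $env:TEMP"
    $existing | Export-Clixml -Path (Join-Path $env:TEMP "$ValueName-backup.xml")
}

# 4. Create (or reset) the REG_DWORD with data 0, which disables the changed behaviour.
if ($PSCmdlet.ShouldProcess("$RegistryPath\$ValueName", 'Set REG_DWORD to 0')) {
    if (-not (Test-Path $RegistryPath)) { New-Item -Path $RegistryPath -Force | Out-Null }
    New-ItemProperty -Path $RegistryPath -Name $ValueName -PropertyType DWord -Value 0 -Force | Out-Null
    $check = (Get-ItemProperty -Path $RegistryPath -Name $ValueName).$ValueName
    if ($check -ne 0) { throw "Registry value did not take: '$ValueName' is $check" }

    # 5. Restart the sync service so the change takes effect; reboot instead if it is not present here.
    $svc = Get-Service -Name $SyncServiceName -ErrorAction SilentlyContinue
    if ($svc) {
        Restart-Service -Name $SyncServiceName -Force
        Write-Host "Restarted $SyncServiceName; run a full sync and confirm the large groups export cleanly."
    } else {
        Write-Warning "Service '$SyncServiceName' not found on this host; reboot the server to apply the change."
    }
}
```

Run it once with `-WhatIf` to see the large-group inventory and the intended registry write without changing anything, then again without `-WhatIf` to apply the workaround. The saved backup under `$env:TEMP` is what you use to restore the previous value after the permanent fix is installed.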

The issue is limited to Windows Server 2025 and does not affect client platforms. Microsoft’s engineering teams are actively investigating the problem to develop a permanent fix, which will be delivered in a future Windows update.

Source: https://cyberpress.org/microsoft-october-2025-security-update-triggers-ad-sync-issues