I don’t see this info anywhere so just putting it out there. Installing Tailscale directly on DCs is not a good idea. Doing so creates an additional NIC on the machine. Any form of having more than one NIC on a DC (“multihoming”) causes several known issues: extremely slow logins, replication issues, group policy problems, etc. This is not something that can be fixed by Tailscale; it is just not a configuration recommended or supported by Microsoft.