
All servers I am writing about below are running Windows 2003 R2. We have a 2003 native domain with two sites (connected by VPN) and two DCs (one DC in each site).

It started a few hours ago - my database server stopped responding gradually, and I already couldn't log in by RDP at the time I discovered this. Event Viewer and Computer Management consoles didn't connect to it, producing popups with RPC 1721 & 1723 errors.
All the database-related services stopped working, and Database Mail errors weren't mailed out.
However, I could access file shares on this server and ping worked.

Then, other RDP users started complaining about the new problem: as they logged in, after the 'loading personal settings' message, the desktop just showed up blank - no icons, no Start menu and buttons.
All the existing connections worked - however, if you logged out, you also got a blank screen after logging back in.
As I experimented, I found out that it only applied to domain logins - however, there was no difference between trying to log in as a regular user or an administrator. You also got a blank screen when trying to log in with domain administrator on the physical console! (Well, I only tried it on a VMware virtual machine, since the physical servers are very far away.)
I also couldn't log out or reset my own stuck sessions using Terminal Services Management console (a message popped up, saying that I couldn't reset this session because of the error with the connected device). However, local administrator login worked both on the console and in RDP session.

By that time I got tired of trying to access Computer Management or trying to reboot the DB server with shutdown.exe, and asked the datacenter tech support to reboot the server.
As soon as Windows loaded, I could log in not only to the DB server, but to all other servers without any problems. Other users' problems disappeared as well.

A fortunate outcome... But still, I don't know what happened, at all!
All servers have NOD32 antivirus running, though active protection is disabled on the DB server and only regular scans are employed (as of now, no viruses have been found). The network as it is has been running for over 6 months, and individual servers have been in use for over 2 years, without major problems. AD works fine, all related diagnostics pass without warning.

Any thoughts?

Seishun

1 Answer


We've dealt with similar symptoms to the ones you describe in the past - logging in at the console just showed a blank screen, unable to RDP, etc. Turned out to be a NOD32 update causing the issue. The first time it happened a hard reboot was the only way to resolve the problems. Second time, we had to wait for ESET to release a new update and then hard reboot before the problems went away.

Have a look at this thread on the ESET forums: http://www.wilderssecurity.com/showthread.php?t=281024&page=4

I'm not saying ESET was to blame, but that's probably where I'd be looking if I were you.