This has been one doozy of a network problem, and I'm not sure I can even give you guys enough useful info for you to be able to throw ideas at me, but I'm gonna take a whack at it anyway...my boss and I are both stumped on this one so far, and I have a bad feeling this is some deeply rooted Active Directory problem, as Tiger has been warning me would inevitably come sooner or later given my past AD catastrophies....That said...

Yesterday, the DC just stopped working right. This is with NO changes made to it. It was just running, untouched, doing its thing, and just up and stopped. It kicked all clients off the Internet and stopped allowing clients to connect to it remotely via terminal services. Also, it's been preventing network connections to our internal database.

Now how this happened without any configuration settings ever being changed is beyond me. The last time I had problems, it was an issue with the two DCs talking to each other, so I removed the other DC and gave all roles to this one. For the past couple of months it has worked fine as the sole DC on the network, and it's been smooth sailing.

Error logs showed some KCC and RSVP errors for a while, and after trying some fixes those have disappeared. Now the event logs look clean. It looked like it was still trying to replicate to another DC out there that no longer existed, and what's really weird is that at some point it was actually trying to replicate to itself! So I went through AD and further cleaned out references to the now gone other DC and the one mysterious reference to itself.

Checked the network card and drivers, all is in order and passes all diagnostics.

To look the DC over, you'd give it a clean bill of health. Everything looks clean and in good order.

Nonetheless, no client machine can connect to the Internet (and it is a DNS issue surely -- the router looks to be working just fine), the DC keeps kicking off client connections to itself via terminal services, and the connection to the database keeps breaking, seemingly at random times.

For now we're trying to promote one of the other servers as a DC and DNS server as a temporary fix until we figure this out, and I'm about to try a Windows repair on it. Other than though, any ideas at all?