After installing the run of the mill patches today on a Windows Server 2008 (Running as an AD controller and Exchange 2007 Server) the machine came back up with "configuring updates stage 3 of 3 0% complete".
The machine had been kept reasonably up to date so this likely was caused by a very recent patch. At the leaste the following patches were installed:
KB973037
KB969947
KB973565
Restarting the server into safe mode and then subsequently rebooting (with no changes made) allowed the computer to restart and I can now log in normally.
However none of the critical services start; including but not limited to Exchange, DNS and Terminal Services (Obviously if DNS doesn't start other things will break). I am unable to run Internet Explorer but Chrome will work.
There are no meaningful errors in the event logs as to why services won't start.
Under KDC I have
The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
This is going to be an evil one to debug and I'm kinda hoping someone has encountered it and knows the answer off hand.
Thanks all.
Best Answer
This issue has now been resolved with the help of Microsoft tech support. It involved some registry changes on the part of them to svchost. It apparently is a known issue with vista/2k8 and solved in 2k8r2/win7.
More info to come, they promised to let me know more next week.