Okay, I'm really stumped here.
Only one domain controller, I didn't build the network... We ran updates on many of the member servers and noticed that many had service failures upon reboot. When we checked errors they were logon failures. We checked the accounts and passwords and everything was as it should be. We reset passwords and even created new accounts and received the same results. I was able to logon to any server with new and existing accounts, so this doesn't make any sense.
The event logs on the domain controller are squeaky clean. Dcdiag and netdiag all pass with no errors. DNS looks good... Anybody have any suggestions?