We have 8 Domain Controllers country-wide situated at 7 geagraphical locations, all of them have the Global Catalog role enabled. Five of them runs on 2008 R2 64-bit STD and three runs on 2008 R1 32-bit STD.
If they are "left alone" for long periods (+/- a month) the AD-DS Service seems to stop, one can then not login to the Server at all (Remote Desktop or at the Console), it reports an incorrect username/password (possibly because AD-DS is not running and it can't authenticate).
I've also tried to login with the "recovery account" (username: .\Administrator and our recovery password) and this is also denied (I've tried it via RDP, not sure if the recovery acc can be used with RDP or should one use it at the Server etc.)
Bottom-line: both versions of the Domain Controllers does this from time to time (2008 R2 and 2008 R1 DCs) with no specific pattern, the only common dinominator I can find is the fact that it seems to happen to DCs if we "leave them alone" for long periods without rebooting them.
When this happens it influences users logging into AD at that division as well as DHCP (as it runs on our DCs) so we need to then force a reboot by pressind the power button on the DC...
Any idea why this could happen or where one could look to confirm that the AD-DS Service is indeed the culprit and of course if it is a common problem how one resolves it?