Windows Server 2008 Services won't start after patch

windows windows-server-2008 patch-management

After installing the run of the mill patches today on a Windows Server 2008 (Running as an AD controller and Exchange 2007 Server) the machine came back up with "configuring updates stage 3 of 3 0% complete".

The machine had been kept reasonably up to date so this likely was caused by a very recent patch. At the leaste the following patches were installed:

KB973037
KB969947
KB973565

Restarting the server into safe mode and then subsequently rebooting (with no changes made) allowed the computer to restart and I can now log in normally.

However none of the critical services start; including but not limited to Exchange, DNS and Terminal Services (Obviously if DNS doesn't start other things will break). I am unable to run Internet Explorer but Chrome will work.

There are no meaningful errors in the event logs as to why services won't start.

Under KDC I have

The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart     card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.

This is going to be an evil one to debug and I'm kinda hoping someone has encountered it and knows the answer off hand.

Thanks all.


This issue has now been resolved with the help of Microsoft tech support. It involved some registry changes on the part of them to svchost. It apparently is a known issue with vista/2k8 and solved in 2k8r2/win7.

More info to come, they promised to let me know more next week.


I had the same issue and just got off the phone with Microsoft - The svchost.reg file didn't fix my issue. However, this fixed my issue maybe it'll fix yours.

Set Cryptsvc as DependOnService on HTTP driver.

HKLM\CurrentControlSet\Serivces\HTTP and create following value.

Name: DependOnService Value: reg_multi_sz (this is a multi string)

Click DependOnService Set CryptSvc on the value.

Reboot the server

Related

Detach X11 app and reattach on another?
What is the difference between `su` and `su -` in CentOS?
Memory is free, but still swapping?
Testing for a script that is waiting on stdin
Open source alternatives to twitter [closed]
Using `find` to delete
Weird symbols always appearing in command line (putty / zsh)
How do I find a word recursively in all files and all directories
Is it safe to add additional 127.0.0.1 entries to /etc/hosts?
Which common characters are illegal in Unix and Windows filesystems?
What to put on a MacOS X SSD?
How to 'source' a shell script using bash from zsh?