I have updated all 600 computers from version 3 to the latest version of 4 and started slowly on the servers. 21 file and printer servers have had no problems, so I tried one of our domain controllers.We immediately lost remote desktop to the server and file sharing and printing on the domain controllers were all disabled. I had all the exclusions but had forgotten the %systemroot%/sysvol exclusions. I am afraid to put version 4 back on their to test though. Any thoughts?

You had an exception for the C:\WINDOWS\NTDS\ and C:\WINDOWS\SYSVOL\ directories set up, correct? That is usually where the issues result from when working with domain controllers. There are also other database directories you will want to exclude depending on the other roles you DC might be running such as DNS, WINS, DHCP, or FRS points.

Yep I had all the recommended exclusions, but I had forgotten c:\windows\sysvol

I would try again with that one. Replication on shares like that combined with file locking conflicts would be enough to hose a server. I believe Microsoft has a white-paper on exactly how the exclusions should be set up for the SYSVOL directory along with other DFS shares if that applies to your environment.