LSASS.EXE Crashes Domain Controller

From: Rick (na_at_na.com)
Date: 02/19/04 

Date: Thu, 19 Feb 2004 08:40:45 -0500

Yet another issue (you have to love cleaning up someone else's mess) on the
network here. Have a windows 2003 domain controller with all current
patches. Hardware is as follows
Dell 4400 dual GHZ P3 Xeon
4 Intel cards teamed
3.5 GB memory
18GB boot mirrored pair
150 GB data Raid 5 array
 on a Cisco Catalyst 3500 XL switch.

I modified the boot.ini to include the /3GB /Usera=3030 switch per a
Microsoft KB article about AD cache in large environments. However this did
not even slow down the LSASS crashing which I thought it would do that. I
watch the memory usage and it grows steady to about 50 to 60 megs which
should not be an issue. I have not been able to catch it much above 60 megs
as it crashes close to this point. However when LSASS closes it is closing
with memory exceptions (could it be bad memory?). Or is it possible for the
AD database to get corrupted and the DC still boot.

I am seriously considering demoting this server back to a member server,
removing it from the domain and reformatting. The issue though is the
permissions for all the files on the raid data drive. I want to be sure that
those permissions are retained so that they will not have to be recreated.
If I remember correctly these permissions should be part of NTFS on that
drive so there should be no issue with formatting the system volume. If I
understand correctly I will have to recreate the shares and share
permissions after reformat because this is stored on the system volume? I am
also planning on doing a backup of the data files prior to the reformat
(always better to be safe the sorry).

Any comments or suggestions are greatly appreciated as always.

Rick

Relevant Pages

  • RE: Active Directory user enumeration
    ... Domain Controller installation. ... "Permissions compatible with pre-Windows 2000 servers" ... or "Permissions compatible only with WIndows 2000 servers."/ ... allow anonymous LDAP operations other than reading the RootDSE ...
    (Pen-Test)
  • Re: How to use a Group Distribution list inorder to send and received messages
    ... In the Permissions list, locate Send As, and then click to select the ... permission of the user account that is a member of one of administrative ... groups will be reset to match the ACL of the AdminSDHolder thread. ... Directory domain controller that holds the primary domain controller ...
    (microsoft.public.exchange.admin)
  • Re: How to use a Group Distribution list inorder to send and received messages
    ... In the Permissions list, locate Send As, and then click to select the ... permission of the user account that is a member of one of administrative ... groups will be reset to match the ACL of the AdminSDHolder thread. ... Directory domain controller that holds the primary domain controller ...
    (microsoft.public.exchange.admin)
  • Re: AD and WinXP
    ... the "Everyone" group permissions to specific objects in the tree. ... on a user object, so passwords cannot be changed over the null session ... Once you have verified propogation of the ACE, a default Domain Controller ... restricting Anonymous Access in Windows 2000. ...
    (microsoft.public.win2000.security)
  • Re: Domain controller Stop functioning
    ... What have you done to troubleshoot the memory ... > Event Type: Warning ... > Event Source: NTDS General ... Stop and restart this Windows Domain Controller and try again. ...
    (microsoft.public.windows.server.active_directory)
Loading