Re: LSASS.exe process near 100% usage
From: David Everett [MSFT] (deverett_at_online.microsoft.com)
Date: 03/19/04
- Next message: Jimmy Andersson [MVP]: "Re: Active Directory and Win98 and NT 4.0 clients"
- Previous message: Paul Felts: "Re: domain controller to a PDC"
- In reply to: JA: "Re: LSASS.exe process near 100% usage"
- Next in thread: JA: "Re: LSASS.exe process near 100% usage"
- Reply: JA: "Re: LSASS.exe process near 100% usage"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 19 Mar 2004 12:07:13 -0600
The two DCs that have the problem, are they Global Catalog servers, and the
one that is trouble free is it not?
Try pulling the network cable from the back of the server when the spike
occurs and let me know if the spike remains or goes away when the cable is
removed.
Do the DCs ever reboot on their own?
Are the DCs getting any Errors or Warnings in the Directory Services event
log? If so, let me know the Event ID and Description information.
The DC that was not gracefully demoted, was it a FSMO Role holder? To find
out you can run "netdom query fsmo" on the good DC and verify that it show
all 5 FSMO roles on DCs that are still in the domain. If the DCs still
think that server holds a FSMO Role you will have to Seize the role to a
good DC if that server has gone away for good. Also, if the DC that was
removed from the domain was not gracefully demoted you should still see it
in the Domain Controllers OU. If it is still there then you should clean it
out of metadata by following the steps outlined in 216498.
216498 HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
http://support.microsoft.com/?id=216498
You can disable License Logging Service on all DCs. This service is being
disabled by default in Windows Server 2003 and will be removed from the OS
following that.
824196 Description of the License Logging Service in Windows Server
Operating
http://support.microsoft.com/?id=824196
-- David Everett Microsoft Corporation This posting is provided "AS IS" with no warranties, and confers no rights. "JA" <none@nospam.com> wrote in message news:O1dPPqWDEHA.3852@TK2MSFTNGP10.phx.gbl... > i have windows 2000 service pack 4 installed. > > two out of three DC's have this problem where the lsass.exe process would > go to near 100% usage. > > the client machines are either xp pro or windows 2000 pro. > > no sims or sms installed. > > i seem to be getting a lot of the following event log errors: > event id: 1000 > source: userenv > desc: windows cannot determine the user or computer name. return value (14) > > and > event id: 213 > source: licenseservice > desc: replication of license information failed because the license logging > service on server servername.company.com could not be contacted > > that server has been taken out of the domain and cannot be put back > into the domain. i guess it probably wasn't gracefully demoted? how would > one correct that and i'm not sure if that could be the cause of the > lsass.exe > to spike up like that. > > > "David Everett [MSFT]" <deverett@online.microsoft.com> wrote in message > news:eJ2hOmRDEHA.2076@TK2MSFTNGP09.phx.gbl... > > What Service Pack is installed on the DCs? > > > > Are you getting any errors in the Directory Services event logs of the > DCs? > > If so, what is the Event ID, Source and Description of these events? > > > > If this DC is the only one that has the problem and others do not, try > > Transferring the PDC role to a different DC and see if the CPU spike moves > > with the role. > > > > What OS do the client machines have installed? > > > > Is SIMS or another third-party solution that works like SMS in the > > environment? > > > > Follow the steps outlined in 251343 on the problem DC and see if the "DS > > Security Propagation Events" counter returns to baseline in perfmon or if > it > > stays spiked. If the process stays spiked you may need to examine > > membership of Protected Groups. > > > > 251343 Manually Initializing the SD Propagator Thread to Evaluate > Inherited > > http://support.microsoft.com/?id=251343 > > > > 811172 Lsass.exe Spikes at 100 Percent CPU Usage and Then Shows a Typical > > Load > > http://support.microsoft.com/?id=811172 > > -- > > David Everett > > Microsoft Corporation > > > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > > "JA" <none@nospam.com> wrote in message > > news:O6JYajIDEHA.3692@tk2msftngp13.phx.gbl... > > > i have a windows 2000 advanced server. it is a domain controller, as > well > > as > > > a > > > fsmo roles holder and a dns server. i have 2 other domain controllers > and > > a > > > secondary dns server. > > > > > > at least once a week, this server's cpu usage (in task manager) goes > near > > > 100% > > > and the culprit thats taking up so much cpu usage is LSASS.exe. why is > > that? > > > when i reboot, its okay again. > > > > > > i believe that process handles logons? not really sure. can anyone tell > me > > > why > > > this process goes 100% on occassions and i need to reboot? thanks. > > > > > > > > > > > >
- Next message: Jimmy Andersson [MVP]: "Re: Active Directory and Win98 and NT 4.0 clients"
- Previous message: Paul Felts: "Re: domain controller to a PDC"
- In reply to: JA: "Re: LSASS.exe process near 100% usage"
- Next in thread: JA: "Re: LSASS.exe process near 100% usage"
- Reply: JA: "Re: LSASS.exe process near 100% usage"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
