LSASS May Use a Large Amount of Memory On a Domain Controller

Last reviewed: March 20, 1998
Article ID: Q174205

The information in this article applies to:

Microsoft Windows NT Server version 4.0

SYMPTOMS

When a large number of trusted users and groups are imported to local groups within a resource domain, memory usage by Lsass.exe may be excessive, possibly causing system performance degradation. Memory usage for a process can be seen using Perfmon.exe.

CAUSE

The problem occurs when the Netlogon service is starting and fails to deallocate memory needed to process the imported accounts.

RESOLUTION

Install the updated version of Samsrv.dll.

STATUS

Microsoft has confirmed this to be a problem in Windows NT version 4.0. A supported fix is now available, but has not been fully regression tested and should be applied only to systems experiencing this specific problem. Unless you are severely impacted by this specific problem, Microsoft recommends that you wait for the next Service Pack that contains this fix. Contact Microsoft Technical Support for more information.

Additional query words: lsass leak
Keywords : ntdomain ntfault ntsecurity NTSrv
Version : WinNT:4.0
Platform : winnt
Hardware : x86

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: March 20, 1998
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.