question

TBvanPijkeren-9715 avatar image
0 Votes"
TBvanPijkeren-9715 asked TBvanPijkeren-9715 edited

Server 2016 DC - Lsass Crash

Hi in 2022-Jan there were issues after kb5009546.

"After installing this update on domain controllers (DCs), affected versions of Windows Servers might restart unexpectedly after receiving an Lsass.exe error.
Note: On Windows Server 2016 and later, you are more likely to be affected when DCs are using Shadow Principals in Enhanced Security Admin Environment (ESAE) or environments with Privileged Identity Management (PIM).
This issue is resolved in KB5010790."

Never had the specific patch that caused this but i have the 2 following CU updates, and suddenly got a crash this morning:

Description:
Faulting application name: lsass.exe, version: 10.0.14393.4704, time stamp: 0x615be0cd
Faulting module name: ntdll.dll, version: 10.0.14393.5006, time stamp: 0x621ef21b
Exception code: 0xc0000008
Fault offset: 0x00000000000a98fa
Faulting process id: 0x354
Faulting application start time: 0x01d86348abb2ad7e
Faulting application path: C:\Windows\system32\lsass.


Is there any news on this bug being back? or still around?
Installed build: Build number: 1607 14393.5066

windows-serverwindows-server-2016
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick commented

Not that I'm aware of. I also have a couple at Build: 1607 14393.5066 Might try standing up a new one as a test.

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019 or 2022, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.


--please don't forget to upvote and Accept as answer if the reply is helpful--





· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TBvanPijkeren-9715 avatar image TBvanPijkeren-9715 ·

Sorry not looking for a work-around, can figure out this one too.

0 Votes 0 ·
DSPatrick avatar image DSPatrick TBvanPijkeren-9715 ·

Sounds good.

0 Votes 0 ·