SYMPTOMS
A domain controller may restart and may not be able to start again because there is heap damage that forces an access violation in Lsass.exe. Also, you may receive event ID 1173:
Event Type: Warning
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 1173
Date: 11/24/2000
Time: 12:52:45 PM
User: Everyone
Computer: ComputerName
Description:
Internal event: Exception c0000005 has occurred with parameters 757ddeef and 0 (Internal ID 3040442).
RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the
Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack
The English-language version of this fix should have the following file attributes or later:
Date Time Version Size File name
------------------------------------------------------
11/22/2000 10:19a 5.0.2195.2777 494,864 Lsasrv.dll
11/06/2000 03:40p 5.0.2195.2657 33,552 Lsass.exe
11/13/2000 08:04p 5.0.2195.2712 906,512 Ntdsa.dll
11/10/2000 06:56p 5.0.2195.2696 381,712 Samsrv.dll
If you use the Windows 2000 High Encryption pack (128 bit), the English-language version of this fix should have the following file attributes or later:
Date Time Version Size File name
------------------------------------------------------
11/13/00 08:04p 5.0.2195.2657 494,352 Lsasrv.dll
11/06/2000 03:40p 5.0.2195.2657 33,552 Lsass.exe
11/13/2000 08:04p 5.0.2195.2712 906,512 Ntdsa.dll
11/10/2000 06:56p 5.0.2195.2696 381,712 Samsrv.dll
NOTE: To view the version of the file, right-click the file in Windows Explorer, click
Properties, and then click the
Version tab.