Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Lsass.exe crashes and system shuts down automatically on a Windows Server 2012 R2-based server

Lsass.exe crashes and system shuts down automatically on a Windows Server 2012 R2-based server

View products that this article applies to.

Symptoms

Windows Server 2012 R2-based server restarts unexpectedly, and you may find the following events in Event Viewer:
Event ID 1015:
A critical system process, C:\Windows\system32\lsass.exe, failed with status code c0000005. The machine must now be restarted

Event ID 1000:
Faulting application name: lsass.exe, version: 6.3.9600.17415, time stamp: 0x545042fe
Faulting module name: kerberos.DLL, version: 6.3.9600.17423, time stamp: 0x545ff681
Exception code: 0xc0000005
Fault offset: 0x00000000000910b7
Faulting process id: 0x448
Faulting application start time: 0x01d029e23a389f2e
Faulting application path: C:\Windows\system32\lsass.exe
Faulting module path: C:\Windows\system32\kerberos.DLL
Report Id: 168aa2f9-95d6-11e4-80ec-a0369f05235a
Faulting package full name:
Faulting package-relative application ID:

Event ID 5000:
The security package Kerberos generated an exception. The exception information is the data.


This issue occurs if you only select the AES256_HMAC_SHA1 or AES128_HMAC_SHA1 check box in the Network security: Configure encryption types allowed for Kerberos Group Policy setting.


Note The Group Policy setting is located under Computer Configuration\Windows settings\Security Settings\Local Policies \Security Options.

↑ Back to the top

Resolution

To resolve this issue, install hotfix 2998097. For more information about hotfix 2998097, see the "Specified account does not exist" error message when domain users try to change their password in UPN format in a different domain.

Note Hotfix 2998097 fixes a different issue but also contains the fix for this issue.

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

References

See the terminology that Microsoft uses to describe software updates.

↑ Back to the top

Keywords: kbfix, atdownload, kbsurveynew, kbexpertiseadvanced, kb

↑ Back to the top

Article Info
Article ID : 3038261
Revision : 1
Created on : 1/7/2017
Published on : 4/21/2015
Exists online : False
Views : 423