G
Guest
Greetings!
I've searched the newsgroups & forums and found many flavors of similar
problems, but not this particular flavor.
Win2K Server, SP4, running Exchange 5.5 SP4
The unique part of this crash is the 7855f218 address. I found articles with
other crashes, but none of the addresses matched this one.
This system has been stable for years; just started getting these errors
earlier this week, and it is getting more frequent (1 Saturday, 2 yesterday,
1 today). Always the same address, unknown what is stimulating the problem.
Once this crashes, we end up having to reboot the server.
After digging, the only item I found that might relate to this issue is
MS04-11 (835732) (both LSASS.EXE and LSASRV.DLL were updated), but there is
nothing specific about the crash's address that says this is the problem and
it gets fixed.
Outside world can touch IIS, FTP, and PPTP on this server which is NATted by
the firewall. Internally, clients are all Win2K or WinXP. There is a new
Server2003 box on their network but it isn't interfacing with anything yet.
If anyone has seen this and knows what could be happening, I'd appreciate
whatever you might know.
Sample snip from the error log is below:
Event Type: Error
Event Source: LsaSrv
Event Category: Devices
Event ID: 5000
Date: 6/3/2005
Time: 7:38:06 AM
User: N/A
Computer: SERVER-E
Description:
The security package Negotiate generated an exception. The package is now
disabled. The exception information is the data.
Data:
0000: 05 00 00 c0 00 00 00 00 .......
0008: 00 00 00 00 18 f2 55 78 .....Ux
0010: 02 00 00 00 00 00 00 00 ........
0018: 0c 00 00 00 3f 00 01 00 ....?...
0020: 00 00 00 00 00 00 00 00 ........
0028: 00 00 00 00 00 00 00 00 ........
0030: 00 00 00 00 00 00 00 00 ........
0038: 7f 02 ff ff 00 00 ff ff ...
0040: ff ff ff ff 00 00 00 00 ....
0048: 00 00 00 00 00 00 00 00 ........
Version info currently running:
LSASRV.DLL: 6/19/03 1:05 pm 518,928 bytes ver: 5.0.2195.6695
LSASS.EXE: Same (33,552 bytes) ver: 5.0.2195.6695
Thanks!!
I've searched the newsgroups & forums and found many flavors of similar
problems, but not this particular flavor.
Win2K Server, SP4, running Exchange 5.5 SP4
The unique part of this crash is the 7855f218 address. I found articles with
other crashes, but none of the addresses matched this one.
This system has been stable for years; just started getting these errors
earlier this week, and it is getting more frequent (1 Saturday, 2 yesterday,
1 today). Always the same address, unknown what is stimulating the problem.
Once this crashes, we end up having to reboot the server.
After digging, the only item I found that might relate to this issue is
MS04-11 (835732) (both LSASS.EXE and LSASRV.DLL were updated), but there is
nothing specific about the crash's address that says this is the problem and
it gets fixed.
Outside world can touch IIS, FTP, and PPTP on this server which is NATted by
the firewall. Internally, clients are all Win2K or WinXP. There is a new
Server2003 box on their network but it isn't interfacing with anything yet.
If anyone has seen this and knows what could be happening, I'd appreciate
whatever you might know.
Sample snip from the error log is below:
Event Type: Error
Event Source: LsaSrv
Event Category: Devices
Event ID: 5000
Date: 6/3/2005
Time: 7:38:06 AM
User: N/A
Computer: SERVER-E
Description:
The security package Negotiate generated an exception. The package is now
disabled. The exception information is the data.
Data:
0000: 05 00 00 c0 00 00 00 00 .......
0008: 00 00 00 00 18 f2 55 78 .....Ux
0010: 02 00 00 00 00 00 00 00 ........
0018: 0c 00 00 00 3f 00 01 00 ....?...
0020: 00 00 00 00 00 00 00 00 ........
0028: 00 00 00 00 00 00 00 00 ........
0030: 00 00 00 00 00 00 00 00 ........
0038: 7f 02 ff ff 00 00 ff ff ...
0040: ff ff ff ff 00 00 00 00 ....
0048: 00 00 00 00 00 00 00 00 ........
Version info currently running:
LSASRV.DLL: 6/19/03 1:05 pm 518,928 bytes ver: 5.0.2195.6695
LSASS.EXE: Same (33,552 bytes) ver: 5.0.2195.6695
Thanks!!