Lsass.exe using 100% CPU after setting up LDAP

Article:TECH82839  |  Created: 2004-01-02  |  Updated: 2005-01-12  |  Article URL http://www.symantec.com/docs/TECH82839
Article Type
Technical Solution

Product(s)

Languages

Problem



You configured Active Directory (AD) as the Lightweight Directory Access Protocol (LDAP) server type. Users see the Lsass.exe process using 100% CPU on the Domain Controller designated in the LDAP configuration of the Brightmail Control Center. This causes a large number of queries against AD using un-indexed attribute.



Solution



There are two possible solutions to Lsass.exe using 100% CPU:
  • In the query filter replace both instances of ObjectClass with ObjectCategory. ObjectCategory is indexed.
  • Modify the Active Directory Schema to index ObjectClass.





Technical Information
For steps on indexing an attribute in Active Directory, read Getting Started with Windows 2000 Advanced server.





Legacy ID



2004120210265363


Article URL http://www.symantec.com/docs/TECH82839


Terms of use for this information are found in Legal Notices

Please Sign In

Login using SymAccount.

Knowledge Base Search

Knowledge Base Search

Rate this Article

Help us improve your support experience.

MySymantec

MySymantec

Contacting Support

Contacting Support