Your IT Consultant

Fix Stalled Windows Domain Controllers

November 29, 2022

According to a post on The Register, some Windows servers running as domain controllers had a problem with this month’s Patch Tuesday updates. Microsoft announced that “installing KB5019966 or later updates on domain controllers (DCs) could see a memory leak with the Local Security Authority Subsystem Service (LSASS).” Microsoft stated In a post on the Windows Health Dashboard, “Depending on the workload of your DCs and the amount of time since the last restart of the server, LSASS might continually increase memory usage with the up time of your server and the server might become unresponsive or automatically restart.” It has been identified that the problem impacts Windows Server versions 2008 SP2 and R2 SP1, 2012 and 2012 R2, 2016 and 2019.

For the time being, Microsoft offered a workaround. Users can open a Command Prompt as an administrator and set the registry key KrbtgtFullPacSignature to zero. Open a Command Prompt as Administrator and enter the following command:

reg add “HKLM\System\CurrentControlSet\services\KDC” -v “KrbtgtFullPacSignature” -d 0 -t REG_DWORD

Email:   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com