FIX: Adding multiple users to Active Directory can cause memory leak when setting passwords

Article translations Article translations
Article ID: 274172 - View products that this article applies to.
This article was previously published under Q274172
Expand all | Collapse all

On This Page

SYMPTOMS

Adding many users (20,000 and more) through Active Directory Services Interface (ADSI) code may cause the Lsass.exe process to grow rapidly in size, and can result in performance problems on the client computer. A system restart may be needed to restore normal performance and to shrink Lsass.exe.

NOTE: One test found that adding 45,000 users resulted in Lsass.exe growth of 9 megabytes (MB), which is approximately 200 bytes per user.

CAUSE

The way that handles were referenced made it difficult to track for proper release. The fix changes the way that handles are referenced so that they may be released properly.

Note that even after you apply this fix, Lsass.exe will still grow as you add users. But the growth should be slower, a plateau will be reached, and memory will ultimately be recovered.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
The following files are available for download from the Microsoft Download Center:
Collapse this imageExpand this image
Download
English Language Version

Collapse this imageExpand this image
Download
Arabic Language Version

Collapse this imageExpand this image
Download
Chinese (Simplified) Language Version

Collapse this imageExpand this image
Download
Chinese (Traditional) Language Version

Collapse this imageExpand this image
Download
Czech Language Version

Collapse this imageExpand this image
Download
Danish Language Version

Collapse this imageExpand this image
Download
Dutch Language Version

Collapse this imageExpand this image
Download
Finnish Language Version

Collapse this imageExpand this image
Download
French Language Version

Collapse this imageExpand this image
Download
German Language Version

Collapse this imageExpand this image
Download
Greek Language Version

Collapse this imageExpand this image
Download
Hebrew Language Version

Collapse this imageExpand this image
Download
Hungarian Language Version

Collapse this imageExpand this image
Download
Italian Language Version

Collapse this imageExpand this image
Download
Japanese Language Version

Collapse this imageExpand this image
Download
Japanese NEC Language Version

Collapse this imageExpand this image
Download
Korean Language Version

Collapse this imageExpand this image
Download
Norwegian Language Version

Collapse this imageExpand this image
Download
Polish Language Version

Collapse this imageExpand this image
Download
Portuguese (Brazilian) Language Version

Collapse this imageExpand this image
Download
Portuguese Language Version

Collapse this imageExpand this image
Download
Russian Language Version

Collapse this imageExpand this image
Download
Spanish Language Version

Collapse this imageExpand this image
Download
Swedish Language Version

Collapse this imageExpand this image
Download
Turkish Language Version

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file. The English version of this fix should have the following file attributes or later:
Date        Time     Size      File name     
---------------------------------------------
01/09/2001  09:48a   130,320   Adsldpc.dll
01/09/2001  10:39a   348,944   Advapi32.dll
01/09/2001  10:39a   135,440   Dnsapi.dll
01/09/2001  10:39a    90,896   Dnsrslvr.dll
01/09/2001  10:40a   512,784   Instlsa5.dll
01/09/2001  10:40a   140,048   Kdcsvc.dll
11/15/2000  02:37p   207,408   Kerberos.dll
12/19/2000  09:13p    69,456   Ksecdd.sys
01/09/2001  10:39a   494,864   Lsasrv.dll
01/02/2001  08:45a    33,552   Lsass.exe
11/13/2000  02:46p   104,464   Msv1_0.dll
01/09/2001  10:40a   306,960   Netapi32.dll
01/09/2001  10:39a   355,600   Netlogon.dll
01/09/2001  10:40a   907,024   Ntdsa.dll
01/09/2001  10:39a   378,128   Samsrv.dll
01/09/2001  11:30a   753,023   Sp2.cat
01/09/2001  09:48a   123,664   Wldap32.dll
				

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

Steps to reproduce the behavior

Run code that uses a loop to add users and set the password by using the IADsUser::SetPassword method.

After 20,000 to 30,000 users have been added, Lsass.exe will have increased in size, and performance will be reduced. Memory consumption by Lsass.exe does not level off, but continues to rise slowly.

Properties

Article ID: 274172 - Last Review: October 26, 2006 - Revision: 7.2
APPLIES TO
  • Microsoft Active Directory Service Interfaces 2.5, when used with:
    • the operating system: Microsoft Windows 2000
Keywords: 
kbbug kbfix kbgraphxlinkcritical kbwin2000presp2fix KB274172

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com