You cannot log on or the system stops responding when the Stored User Names and Passwords feature is enabled on a computer that is running Windows Server 2008 or Windows Vista
Consider the following scenario. You have a computer that is running Windows Server 2008 or Windows Vista. The Stored User Names and Passwords feature is enabled. Additionally, this feature has stored various user names and passwords. In this scenerio, you encounter one or more of the following problems:
You cannot log on to the computer when you use a domain user account. The logon process stops responding while it tries to process Group Policy settings. However, you can log on to the computer when you use a local user account.
The Network Location Awareness service stops responding. Additionally, you cannot exit this service.
Several services stop responding. After a while, the system stops responding.
When you try to browse the shared SYSVOL folder on a domain controller, Windows Explorer (Explorer.exe) stops responding.
When you disable a network adapter, the disable operation stops responding.
When you work in the Network and Sharing Center, the Network and Sharing Center stops responding.
To resolve these problems, you have to restart the computer. These problems frequently occur on servers where many logon operations and many logoff operations occur. For example, this problem frequently occurs on a terminal server.
This problem occurs because of a deadlock in the Lsass.exe process.
When the Lsass.exe process accesses stored user names and passwords, the process has to decrypt the user names and passwords. The process uses the Data Protection API (DPAPI) master key to perform this operation. If the Lsass.exe process cannot decrypt the user names and passwords by using the DPAPI master key, the process requests a backup key from a domain controller. However, if another thread in the Lsass.exe process is contacting the same domain controller to perform another authentication, a deadlock situation occurs.
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
Important Windows Vista and Windows Server 2008 hotfixes are included in the same packages. However, only one of these products may be listed on the “Hotfix Request” page. To request the hotfix package that applies to both Windows Vista and Windows Server 2008, just select the product that is listed on the page.
Prerequisites
To apply this hotfix, your computer must be running one of the following operating systems:
Windows Vista Service Pack 1 (SP1)
Windows Vista Service Pack 2 (SP2)
Windows Server 2008
Windows Server 2008 Service Pack 2 (SP2)
Restart requirement
You must restart the computer after you apply this hotfix.
Hotfix replacement information
This hotfix does not replace any other hotfix.
File information
The global version of this hotfix has the file attributes (or later file attributes) that are listed in the following table.
Windows Vista and Windows Server 2008 file information notes
The files that apply to a specific product, SR_Level (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.
Collapse this tableExpand this table
Version
Product
SR_Level
Service branch
6.0.600
0
.
16xxx
Windows Vista
RTM
GDR
6.0.600
0
.
20xxx
Windows Vista
RTM
LDR
6.0.600
1
.
18xxx
Windows Vista and Windows Server 2008
SP1
GDR
6.0.600
1
.
22xxx
Windows Vista and Windows Server 2008
SP1
LDR
6.0.600
2
.
18xxx
Windows Vista and Windows Server 2008
SP2
GDR
6.0.600
2
.
22xxx
Windows Vista and Windows Server 2008
SP2
LDR
The first release of Windows Server 2008 contains Service Pack ( SP1)
The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are
listed separately
. MUM and MANIFEST files, and the associated security catalog (.cat) files, are very important to maintaining the state of the updated component. The security catalog files (attributes not listed) are signed with a Microsoft digital signature.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
For all supported x86-based versions of Windows Server 2008 and of Windows Vista
Collapse this tableExpand this table
File name
File version
File size
Date
Time
Platform
Ksecdd.sys
6.0.6001.22450
439,880
28-Jul-2009
06:53
x86
Lsasrv.dll
6.0.6001.22500
1,258,496
19-Aug-2009
13:31
x86
Lsasrv.mof
Not Applicable
13,780
01-Apr-2009
19:10
Not applicable
Lsass.exe
6.0.6001.22500
9,728
19-Aug-2009
11:10
x86
Secur32.dll
6.0.6001.22500
72,704
19-Aug-2009
13:31
x86
Ksecdd.sys
6.0.6002.22152
439,880
30-Jul-2009
17:42
x86
Lsasrv.dll
6.0.6002.22204
1,259,520
19-Aug-2009
12:45
x86
Lsasrv.mof
Not applicable
13,780
03-Apr-2009
21:33
Not applicable
Lsass.exe
6.0.6002.22204
9,728
19-Aug-2009
10:35
x86
Secur32.dll
6.0.6002.22204
72,704
19-Aug-2009
12:46
x86
Wdigest.dll
6.0.6001.22500
175,104
19-Aug-2009
13:32
x86
Wdigest.dll
6.0.6002.22204
175,104
19-Aug-2009
12:46
x86
Msv1_0.dll
6.0.6002.22204
217,600
19-Aug-2009
12:45
x86
Msv1_0.dll
6.0.6001.22500
213,504
19-Aug-2009
13:30
x86
For all supported x64-based versions of Windows Server 2008 and of Windows Vista
Collapse this tableExpand this table
File name
File version
File size
Date
Time
Platform
Ksecdd.sys
6.0.6001.22450
515,656
28-Jul-2009
06:54
x64
Lsasrv.dll
6.0.6001.22500
1,694,208
19-Aug-2009
13:16
x64
Lsasrv.mof
Not applicable
13,780
01-Apr-2009
16:31
Not applicable
Lsass.exe
6.0.6001.22500
11,264
19-Aug-2009
11:12
x64
Secur32.dll
6.0.6001.22500
94,720
19-Aug-2009
13:16
x64
Ksecdd.sys
6.0.6002.22152
515,656
30-Jul-2009
17:42
x64
Lsasrv.dll
6.0.6002.22204
1,690,112
19-Aug-2009
12:46
x64
Lsasrv.mof
Not applicable
13,780
03-Apr-2009
21:02
Not applicable
Lsass.exe
6.0.6002.22204
11,264
19-Aug-2009
10:48
x64
Secur32.dll
6.0.6002.22204
94,720
19-Aug-2009
12:48
x64
Wdigest.dll
6.0.6001.22500
205,312
19-Aug-2009
13:17
x64
Wdigest.dll
6.0.6002.22204
205,312
19-Aug-2009
12:49
x64
Msv1_0.dll
6.0.6001.22500
269,312
19-Aug-2009
13:15
x64
Msv1_0.dll
6.0.6002.22204
269,312
19-Aug-2009
12:47
x64
Lsasrv.mof
Not applicable
13,780
01-Apr-2009
19:10
Not applicable
Secur32.dll
6.0.6001.22500
76,800
19-Aug-2009
13:32
x86
Lsasrv.mof
Not applicable
13,780
03-Apr-2009
21:33
Not applicable
Secur32.dll
6.0.6002.22204
77,312
19-Aug-2009
12:47
x86
Wdigest.dll
6.0.6001.22500
175,104
19-Aug-2009
13:32
x86
Wdigest.dll
6.0.6002.22204
175,104
19-Aug-2009
12:46
x86
Msv1_0.dll
6.0.6001.22500
213,504
19-Aug-2009
13:30
x86
Msv1_0.dll
6.0.6002.22204
217,600
19-Aug-2009
12:45
x86
For all supported Itanium-based versions of Windows Server 2008
Back to the top
