Under specific conditions, a handle leak may occur in the Local Security Authority Subsystem Service (Lsass.exe) process on a server that is running Microsoft Forefront Unified Access Gateway (UAG) 2010. This problem can be seen in Performance Monitor by using the Process(process_name)\Handle Count counter for the Lsass object instance.


This problem occurs because of an issue in Forefront UAG. This problem causes a handle leak in the Lsass.exe process when Outlook Anywhere is published, and Kerberos constrained delegation (KCD) is used.


To resolve this problem, install Service Pack 4 for Microsoft Forefront Unified Access Gateway 2010.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


See the terminology Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!