I thought i would let you know it looks like this is now solved.
Firstly I tried a reboot on both boxes, after 2-3hrs lsass jumped to over
300mb on both boxes.
So I sat down for around 2-3hrs read every log and looked at every possible
cause. Then I noticed I had a strange dns error, basically windows saying it
couldn’t find the domain associated with AD.
This was odd as dcdiag and netdiag came back clean, logins were fine etc.
I tried different methods to fix the dns issue but none worked, so I deleted
the zone recreated it then windows added all the records automatically. Now
the primary DC box after restarting netlogon lsass dropped to 38mb, excellent
second box didn’t, a reboot finally sorted the second box out. The second box
was a Secondary DC.
But there was no DNS error before the July updates which was rather odd.
So far it seems everything is working both boxes are below 35mb they
sometimes drop then go up again but not over 38mb.
But there we go. At least it is fixed touch wood (3 days and counting)!!!
"Mathieu CHATEAU" wrote:
> You may try to reboot one of the two (better not the dc), to be sure it's a
> new permanent "problem".
>
>
> --
> Cordialement,
> Mathieu CHATEAU
> http://lordoftheping.blogspot.com
>
>
> "Chris Daley - Dwebs Ltd" <ChrisDaleyDwebsLtd@discussions.microsoft.com>
> wrote in message news:B3B0E4AC-0E0D-4D11-B82D-ADA4A0D74D51@microsoft.com...
> > There box is way under used, it never used to be like this only since the
> > last reboot due to the july windows updates, thats the only thing i can
> > link
> > it to. Both boxes are different specs etc so not hardware specific.
> >
> > "Mathieu CHATEAU" wrote:
> >
> >> did you try process monitor/explorer to understand what's going on (high
> >> activity...)
> >>
> >> --
> >> Cordialement,
> >> Mathieu CHATEAU
> >> http://lordoftheping.blogspot.com
> >>
> >>
> >> "Chris Daley - Dwebs Ltd" <ChrisDaleyDwebsLtd@discussions.microsoft.com>
> >> wrote in message
> >> news:AFDE161D-1E84-400D-9615-5242DDE54E59@microsoft.com...
> >> > Already read that one!
> >> >
> >> > Box has 2gb of ram,
> >> >
> >> > <100 Users in AD only used for authent, this is a hosting environment,
> >> > so
> >> > users dont physically logon to client boxes. AD size is less than <20mb
> >> > if
> >> > i
> >> > read the info correctly, adsizer predicts 23mb mem usage at the most
> >> >
> >> > "Mathieu CHATEAU" wrote:
> >> >
> >> >> for the dc one:
> >> >> Memory usage by the Lsass.exe process on domain controllers that are
> >> >> running
> >> >> Windows Server 2003 or Windows 2000 Server
> >> >> http://support.microsoft.com/?scid=kb;en-us;308356&x=8&y=16
> >> >>
> >> >>
> >> >> --
> >> >> Cordialement,
> >> >> Mathieu CHATEAU
> >> >> http://lordoftheping.blogspot.com
> >> >>
> >> >>
> >> >> "Chris Daley - Dwebs Ltd"
> >> >> <ChrisDaleyDwebsLtd@discussions.microsoft.com>
> >> >> wrote in message
> >> >> news:C5196542-F15E-45A6-80A2-A602610D476D@microsoft.com...
> >> >> > Hi,
> >> >> >
> >> >> > Bit of an odd one this, we have two windows 2003 standard edition
> >> >> > sp2
> >> >> > boxes,
> >> >> > both had been up for around 30 days, then they were rebooted for the
> >> >> > last
> >> >> > lot
> >> >> > of windows updates.
> >> >> >
> >> >> > When they came back online i started to notice the lsass process
> >> >> > using
> >> >> > large
> >> >> > amounts of memory, currently after 10 days sitting at over 400mb.
> >> >> >
> >> >> > One box is the primary domain controller the other is a secondary,
> >> >> > both
> >> >> > run
> >> >> > IIS and various other applications.
> >> >> >
> >> >> > I haven’t found as yet a way to reduce the amount of memory in use.
> >> >> >
> >> >> > Has anyone else seen this recently I did a google and a couple of
> >> >> > people
> >> >> > reported the same issue in July but didn’t find a solution.
> >> >> >
> >> >>
> >> >>
> >>
> >>
>