服务器 Gind.cn
  1. 服务器 Gind.cn
  3. LSBS.Exe使用SBS2003上的100%CPU使用率
Intereting Posts
在Amazon EC2上存储捆绑的AMI: Postfix:某些电子邮件地址的自定义拒绝消息 当没有部署CPU电源pipe理机制时,运行作业的服务器的电源图如何performance Weblogic在升级后缓解POODLE漏洞并仍然使用CBC密码 应该使用什么RAID级别 防止h / w RAID卡丢弃缓慢的JBOD磁盘 如何dynamic查找连接到系统的接口的名称和types Apache:主站点和子站点的configuration 我不明白我如何加载fastcgi模块到Apache并运行PHP:S …? MySQL停止接受通过3306的连接,仍然在本地主机上工作 Debian KVM上的主机网卡停止响应PING请求 Infiniband在Linux上? closures离线文件和文件夹的漫游configuration文件共享 searchDTS文件中的文本 运行Leopard Server和Netgear GSM7224的Xserve G4之间的链路汇聚

LSBS.Exe使用SBS2003上的100%CPU使用率

LSASS.exe在我的SBS2003 DC上使用100%的CPU使用率。

对于我的生活,我无法弄清楚是什么原因造成的。 我检查了事件日志,发现了一些事情。 我看不出有什么关系。 除了ActiveSync错误(很久以前,在发生此问题之前启动)之外,没有任何内容会定期login。

有几个日志, 

Event Type: Warning Event Source: MSDTC Event Category: SVC Event ID: 53258 Date: 02.05.2013 Time: 5:43:20 pm User: N/A Computer: SERVER Description: MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 

 Event Type: Error Event Source: MSExchangeSA Event Category: RFR Interface Event ID: 9143 Date: 02.05.2013 Time: 5:42:58 pm User: N/A Computer: SERVER Description: Referral Interface cannot contact any Global Catalog that supports the NSPI Service. Clients making RFR requests will fail to connect until a Global Catalog becomes available again. After a Domain Controller is promoted to a Global Catalog, it must be rebooted to support MAPI Clients. For more information, click http://www.microsoft.com/contentredirect.asp.

还有一些MSExchangeAL错误; 

 Event Type: Error Event Source: MSExchangeAL Event Category: LDAP Operations Event ID: 8026 Date: 02.05.2013 Time: 5:31:32 pm User: N/A Computer: SERVER Description: LDAP Bind was unsuccessful on directory SERVER.etcetera.local for distinguished name ''. Directory returned error:[0x51] Server Down. For more information, click http://www.microsoft.com/contentredirect.asp. 

 Event Type: Error Event Source: MSExchangeAL Event Category: Service Control Event ID: 8250 Date: 02.05.2013 Time: 5:31:19 pm User: N/A Computer: SERVER Description: The Win32 API call 'DsGetDCNameW' returned error code [0x862] The specified component could not be found in the configuration information. The service could not be initialized. Make sure that the operating system was installed properly. For more information, click http://www.microsoft.com/contentredirect.asp. 

 Event Type: Error Event Source: MSExchangeAL Event Category: LDAP Operations Event ID: 8026 Date: 02.05.2013 Time: 5:31:19 pm User: N/A Computer: SERVER Description: LDAP Bind was unsuccessful on directory SERVER.etcetera.local for distinguished name ''. Directory returned error:[0x51] Server Down. For more information, click http://www.microsoft.com/contentredirect.asp.

这是这个域中唯一的服务器。 那么我假设,这个问题是来自这台机器的,所以我一直在关注这个部分。

http://blogs.technet.com/b/askds/archive/2007/08/23/troubleshooting-high-lsass-cpu-utilization-on-a-domain-controller-part-2-of-2.aspx

我已经尝试了几个我见过的选项。 我在“RASSFM KDCSVC WDIGEST scecli dsrestor”的HKLM \ System \ CurrentControlSet \ Control \ LSA中的Notification Packages中有条目。 我读过这里的标准条目不包括dsrestor条目,虽然我很犹豫,说这是问题(我有一个中断时间今晚testing删除这个+重新启动)。

任何人有任何想法,我可以尝试?

谢谢! -Ewan

好的,我发现了这个问题。 傻我 – 我没有注意到有一个重复的LSASS.exe。 原来这是恶意软件挖掘BitCoins,因此CPU使用率很高。