Microsoft KB Archive/274172

{|
 * width="100%"|

FIX: Adding Multiple Users to Active Directory Can Cause Memory Leak When Setting Passwords

 * }

Q274172

-

The information in this article applies to:


 * Microsoft Active Directory Services Interface, Microsoft Active Directory Client, used with:
 * the operating system: Microsoft Windows 2000

-

SYMPTOMS
Adding many users (20,000 and more) through Active Directory Services Interface (ADSI) code may cause the Lsass.exe process to grow rapidly in size, and can result in performance problems on the client computer. A system restart may be needed to restore normal performance and to shrink Lsass.exe.

NOTE: One test found that adding 45,000 users resulted in Lsass.exe growth of 9 megabytes (MB), which is approximately 200 bytes per user.

CAUSE
The way that handles were referenced made it difficult to track for proper release. The fix changes the way that handles are referenced so that they may be released properly.

Note that even after you apply this fix, Lsass.exe will still grow as you add users. But the growth should be slower, a plateau will be reached, and memory will ultimately be recovered.

RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, please see the following article in the Microsoft Knowledge Base:

"Q260910 How to Obtain the Latest Windows 2000 Service Pack" The following files are available for download from the Microsoft Download Center:

US English:



Arabic:



Chinese (Simplified):



Chinese (Traditional):



Czech:



Danish:



Dutch:



Finnish:



French:



German:



Greek:



Hebrew:



Hungarian:



Italian:



Japanese:



Japanese (NEC):



Korean:



Norwegian:



Polish:



Portuguese:



Portuguese (Brazil):



Russian:



Spanish:



Swedish:



Turkish:



For additional information about how to download Microsoft Support files, click the article number below to view the article in the Microsoft Knowledge Base:

"Q119591 How to Obtain Microsoft Support Files from Online Services" Microsoft used the most current virus detection software available on the date of posting to scan this file for viruses. Once posted, the file is housed on secure servers that prevent any unauthorized changes to the file.

The English version of this fix should have the following file attributes or later:

Date       Time     Size      File name - 01/09/2001 09:48a   130,320   Adsldpc.dll 01/09/2001 10:39a   348,944   Advapi32.dll 01/09/2001 10:39a   135,440   Dnsapi.dll 01/09/2001 10:39a    90,896   Dnsrslvr.dll 01/09/2001 10:40a   512,784   Instlsa5.dll 01/09/2001 10:40a   140,048   Kdcsvc.dll 11/15/2000 02:37p   207,408   Kerberos.dll 12/19/2000 09:13p    69,456   Ksecdd.sys 01/09/2001 10:39a   494,864   Lsasrv.dll 01/02/2001 08:45a    33,552   Lsass.exe 11/13/2000 02:46p   104,464   Msv1_0.dll 01/09/2001 10:40a   306,960   Netapi32.dll 01/09/2001 10:39a   355,600   Netlogon.dll 01/09/2001 10:40a   907,024   Ntdsa.dll 01/09/2001 10:39a   378,128   Samsrv.dll 01/09/2001 11:30a   753,023   Sp2.cat 01/09/2001 09:48a   123,664   Wldap32.dll

STATUS
Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article.

Steps to Reproduce Behavior
Run code that uses a loop to add users and set the password by using the IADsUser::SetPassword method.

After 20,000 to 30,000 users have been added, Lsass.exe will have increased in size, and performance will be reduced. Memory consumption by Lsass.exe does not level off, but continues to rise slowly.

Additional query words: leak bloat handle resource AD balloon

Keywords : kbWin2000PreSP2Fix kbWin2000SP2Fix kbgraphxlinkcritical

Issue type : kbbug

Technology : kbAudDeveloper kbActiveDirectory kbADSISearch