No announcement yet.

IIS6 install on w2K3 DC causes lsass violation

  • Filter
  • Time
  • Show
Clear All
new posts

  • IIS6 install on w2K3 DC causes lsass violation

    I hope I have the right forum here, sorry if I do not, but here goes.

    I had a w2K3 DC (server1) that I uninstalled IIS from. This went fine until I noticed my OWA 2K3 site was down and no one could connect. It turned out to be because IIS_WPG group had been deleted\removed from AD with the IIS uninstall. I have other DCs with IIS so I need the IIS_WPG for SUS\OWA and other internal stuff.

    I then attempted to re-install IIS on Server1 but was unsuccessful, I received an error:

    Exception calling handler routine for iis.
    Handler address is 0x64a2f3c1
    Function = 0xa
    Param1=0x0 Param2=0x0
    Exception Type=0xc0000005 Addr=0x76b22c4d

    This was stressful to say the least as users and managers are now breathing down my back. I attempted to uninstall and re-install IIS on a seperate DC (Server2) thinking the problem could have been server specific. So when I was reinstalling on Server2 an Lsass violation occurred:

    Event ID:1015 A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code 128. The machine must now be restarted.

    The temporary solution was to install a new DC (Server3) and install IIS on it. This worked, so now I have an extra DC on my network only for the purpose of creating and retaing the IIS_WPG. This is not how I want to use a W2K3 license and I fear that there may be something seriously wrong with my DCs.
    I have run DCDiag and NetDiag on all DCs and they all come up with no errors.

    The only modification (I am aware of) to AD from IIS install on a DC was the creation of IUSR\IWAM users and IIS_WPG. Things were working great until this day. I maintain a healthy AD as far as I know. All DCs are W2K3 except for 1 W2K.

    I am curious why IIS_WPG was removed in the first place. And also, why does IIS install generate lsass violation on existing DCs but not the newly installed one. Wierd. If anyone has any insight I would appreciate hearing it.

    Thanks so much in advance. cc

  • #2
    You have Exchange and SUS running on your DCs ?
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"


    • #3
      What about Share Point?


      Daniel Petri
      Microsoft Most Valuable Professional - Active Directory Directory Services


      • #4
        The Exchange is on a DC that is at a remote site with only one server. as well as SUS yes. Sharepoint is installed (hahaha) on a DC here as well. There were few servers here that were doing everything. I have recently managed to get new boxes to distribute some of the services, and continue to do so (my budget is limited). I have inhereted this config from the previous IT guy and I am trying to rectify the situation.

        I am in a jam and looking for some insight into the situation. I hope I am in the right place.