Talk:Local Security Authority Subsystem Service
From Wikipedia, the free encyclopedia
 |
This article is part of WikiProject Microsoft Windows, a WikiProject devoted to maintaining and improving the informative value and quality of Wikipedia's many Microsoft Windows articles. |
| Start | This article has been rated as start-Class on the assessment scale. |
| Mid | This article has been rated as mid-importance on WikiProject Microsoft Windows's importance scale. |
[edit] LSA-Shell
According to Sysinternals (=Microsoft) Process Explorer, lsass.exe is called the LSA-Shell! Who came up with "subsystem", when microsoft itself calls it a shell(-service)? This needs to be fixed. Unfortunately i can't find the functiont rename this page. Anyone? -- 62.143.90.14 (talk) 10:02, 17 December 2007 (UTC)
- Where on Sysinternals does it say that? I searched all over the Sysinternals blogs/site, and the one place[1] I can find that mentions Lsass, it says it stands for LSA subsystem service. There are also these pages [2] [3] published by Microsoft which reaffirm that LSASS stands for local authority subsystem service (that technical bulletin in particular looks quite authoritative and reliable). The "ss" suffix is a pattern that Microsoft seem to enjoy applying with their system processes (eg. csrss is the Win32 subsystem service, psxss is the POSIX subsystem service, smss is the Session manager subsystem service). --Oshah (talk) 23:18, 6 January 2008 (UTC)
- Oh, I get it. You must have run Process Explorer yourself, looked in the Description column and saw that it said "LSA Shell (Export version)" (which is the string embedded in the lsass.exe file).
- I generally wouldn't read too much into process image file names (example: the win32 subsystem for reasons known only to Microsoft called csrss). The entire LSA subsystem consists of more than just the process executable, it also consists of the DLLs lsasrv.dll, samsrv.dll, a bit of advapi32.dll, and the relevant registry keys, and that's what this article is about. --Oshah (talk) 23:30, 6 January 2008 (UTC)
The article would be of more use to the general user if it said which parts of it refer to good aspects and which to bad ones. For example, if my virus checker says that a remote user has started an lsass process, should that be manually blocked? In general, what Microsoft might describe as "software improvements" begs the question of whom the "improvements" are meant to benefit - the user or Microsoft? —Preceding unsigned comment added by 62.30.56.43 (talk) 20:01, 8 February 2008 (UTC)
