Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5024: Large number of CLOSE_WAIT connections for lsass.exe on DC

Centrify DirectControl ,  

26 December,14 at 09:45 PM

Problem:
A large number of connections, mostly for port 88 in the CLOSE_WAIT state are being seen on the DC tied to the lsass.exe process. Connections on the Linux side timeout in FIN-WAIT-1 state. 

Information:
 It is the DC side that is waiting for its application to close socket to transition to LAST_ACK. but the close() call never came. 
Research into the into the CLOSE_WAIT status on the DC we found lots of CLOSE_WAIT complaints on internet for MS. 
Please see the following non Centrify link for information on this issue specifically for Kerberos: 
https://social.technet.microsoft.com/Forums/en-US/ebecd16b-5d24-4782-a473-ca49771b1e3a/hundreds-of-closewait-tcp-states-kerberos?forum=winserverDS 

Resolution:
This is a known issue with MS and we respectfully request you contact MS support to see what they advise as corrective action. 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.