LSA Secret Limitation Increased to 4096 in Windows NT 4.0 and Windows 2000
Article ID: 129815
Article Last Modified on 2/20/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows NT Advanced Server 3.1
- Microsoft Windows NT Server 3.5
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0 Standard Edition
- Microsoft Windows NT Workstation 3.1
- Microsoft Windows NT Workstation 3.5
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows NT Advanced Server 3.1
This article was previously published under Q129815
SUMMARY
Windows NT 3.1, 3.5, and 3.51 have a limit of 256 local security authority
(LSA) secrets. This limit has been increased to 4096 in Windows NT version
4.0 and in Microsoft Windows 2000.
The client side of a trust relationship consumes one LSA secret. LSA
secrets are used for other purposes (most notably, trust relationships and
for saving service passwords), so you should not use all of them for
trusts. It is best not to consume more than half of the LSA secrets for
domain trust.
Additional query words: 3.10 status_too_many_secrets ntlsa.h
Keywords: kbinfo kbother KB129815