NT LM Security Support Provider (System Services for the Windows Server 2003 Family and Windows XP Operating Systems)
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Service Name: NtLmSsp
Executable Name: Lsass.exe
Log On As: LocalSystem
Description: The NT LM Security Support Provider service is the Local Security Authority (LSA) for the system. The NT LM Security Support Provider name used in the Services snap-in is a historical holdover.The LSA is responsible for two major tasks: authentication and management of local security policy objects.The LSA handles all authentication requests on the local system through the use of multiple security service providers. It provides interactive authentication for users in addition to noninteractive authentication for services. The LSA uses a variety of security service providers, which provide several different authentication protocols. Each of these providers is in a different DLL loaded by the LSA:
NTLM — LM, NTLM, and NTLMv2 (Msv1_0.dll)
The second major function of the LSA is to store and manage security objects. These objects include the access tokens for users, local security policy, and the trusted domains. For example, all access control list (ACL) checks use information from the LSA.
This is a critical system process. If it is stopped or disabled, all user and system authentication stops and all security policy checks fail — in short, the system no longer functions. For this reason, the administration tools do not allow an administrator to stop this process.
Available on: Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition and Windows Server 2003, Web Edition.
Installed through: Default operating system installation
Startup type: Manual
Service status: Stopped
This service depends on the following system components: None
The following system components depend on this service:
Windows Internet Name Service (WINS)