M  E  N  U
 - Guides
 - Links
 - Tools
 - Themes


Services Utility: Security Accounts Manager Service

Display Name (?): Security Accounts Manager
Short Name (?): SamSs
Executable (?): lsass.exe
Library (?): None.
Depends On (?): Remote Procedure Call (RPC)
Supports (?): Distributed File System, Distributed Transaction Coordinator, Intersite Messaging, SAM WinFS Account Store, Windows Internet Name Service (WINS)
Description (?): Stores security information for local user accounts.
OS (?): 2000 Professional, XP Home/Professional, Vista Home/Business, 2000 Server, Server 2003, Vista Server
Startup (?):

Explanation (?):

The security accounts manager service provides oversight on the SAM file. It provides information to other services and applications about the current lock state of the file. This simply means that it notifies programs when the file can be accessed, and when it cannot be. It also acts as an access point to other services for the SAM database.

It should be noted that many guides on the Internet state that this service is an integral part of group policies, at least the local form. But, this is incorrect. This service does not manage the group policies and by disabling it you should still have active local security policies, and the ability to save policies that you set.

However, this service is not an essential part of Windows operation. Even though it is considered a vital service it can be disabled and the computer should remain bootable. In theory it could cause serious complications by disabling this service, including the chance that you could corrupt your SAM hive and make it impossible to login. It is highly advisable that you do not disable this service as it could cause serious unforseen consequences. A possible consequence is also that this could service could increase boot times or add additional delays to programs as they wait for a response from this service and then face a timeout.

Please visit /tools/services/ for the complete Services utility.