From security bulletin MS04-11:

Local Security Authority Subsystem Service (LSASS) provides an interface for
managing local security, domain authentication, and Active Directory
processes. It handles authentication for the client and for the server. It
also contains features that are used to support Active Directory utilities.

Hello,

Lsass.exe is actually a Core Component for Windows Security
System.

Thanks

Hello Spin,

The heart of security, doesn't matter if local computer or domain member.

"Local Security Authority (LSA)
The LSA Subsystem Service (LSASS) is the security subsystem in Windows that
is responsible for:

User authentication.
Local system security policy, which controls who can log on to the computer,
password policies, privileges that are granted to users and groups, and the
system security auditing settings.
Sending security audit messages to the event log.
User authentication in the LSASS is performed with security packages that
are dynamically loaded at run time. There are two basic types of security
packages; one is an authentication package that is accessed through a set
of APIs, which are referred to as the LSA API. The other is named Security
Support Provider (SSP), which is accessed through the Security Support Provider
Interface (SSPI).

The LSA API is used for local authentication on a workstation or server.
This API is called when you enter a user name and password at the CTRL+ALT+DEL
login prompt, or when you use the Win32 LogonUser function that is available
through the advapi32dll."

From: http://msdn.microsoft.com/en-us/library/aa480609.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm